configuration management

In the current context of widespread adoption of cloud technologies such as AWS, GCP, and Azure, organizations face challenges in centralized management of cloud resources, including ensuring security standards, monitoring service metrics, optimizing costs, and managing configurations. The main issue lies in the differences in the architecture of services provided by various cloud vendors, which complicates the integration and standardization of processes in multi-cloud environments.

nding to emerging threats through the implementation of recognized standards in the field of information security, such as ISO 27001, was considered. The updated edition of the international standard ISO/IEC 27001 of 2022 and, in particular, the main changes in the structure of controls were analyzed. A detailed analysis of the new security control from Appendix A – A.8.9 – Configuration Management and possible ways of its effective implementation in organizations were carried out.