Configuration drift refers to the gradual deviation of actual system configurations from the documented target configuration (baseline). Causes include manual ad-hoc changes, lack of change management discipline, or differing patch levels. Drift creates inconsistencies between systems that should be identically configured and can introduce security gaps or operational disruptions. In your ISMS, you counter configuration drift with automated configuration monitoring, Infrastructure as Code, and regular baseline comparisons. Define clear baselines for all critical system types and ensure that deviations are detected and corrected promptly.