graphgrc

SCF - CFG-01.1 - Assignment of Responsibility

Mechanisms exist to implement a segregation of duties for configuration management that prevents developers from performing production configuration management duties.

Mapped framework controls

ISO 27002

• A.8.9

Control questions

Does the organization implement a segregation of duties for configuration management that prevents developers from performing production configuration management duties?

This site is open source. Improve this page.