πΌ 47c segregation of duty controls which prevent personnel from deploying their own software changes to production;
- Contextual name: πΌ 47c segregation of duty controls which prevent personnel from deploying their own software changes to production;
- ID:
/frameworks/apra-cpg-234/18/47/c - Located in: πΌ 47 APRA envisages that a regulated entity would implement controls to manage changes to information assets, including changes to hardware, software, data, and configuration (both where the change is planned and in response to an emergency) with the aim of maintaining information security.
Descriptionβ
Empty...
Similarβ
- Internal
- ID:
dec-c-87575681
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (5)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Root User has active access keys π’ | 1 | π’ x6 |
| π AWS EC2 Instance IAM role is not attached π’ | 1 | π’ x6 |
| π AWS IAM Policy allows full administrative privileges π’ | 1 | π’ x6 |
| π AWS IAM User has inline or directly attached policies π’ | 1 | π x1, π’ x5 |
| π Azure Key Vault Role Based Access Control is not enabled π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-0a7801fb | 1 | |
| βοΈ dec-x-6c93750d | 1 | |
| βοΈ dec-x-157aa4b9 | 1 | |
| βοΈ dec-x-4157c58a | 1 | |
| βοΈ dec-x-c8041456 | 1 |