πΌ A.12.5.1 Installation of software on operational systems
- Contextual name: πΌ A.12.5.1 Installation of software on operational systems
- ID:
/frameworks/iso-iec-27001-2013/12/05/01 - Located in: πΌ A.12.5 Control of operational software
Descriptionβ
Procedures shall be implemented to control the installation of software on operational systems.
Similarβ
- Internal
- ID:
dec-c-6d186bb8
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ DE.CM-5: Unauthorized mobile code is detected | 11 | 11 | ||
| πΌ NIST CSF v1.1 β πΌ ID.AM-2: Software platforms and applications within the organization are inventoried | 4 | 6 | ||
| πΌ NIST CSF v1.1 β πΌ PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity | 18 | 19 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality) | 2 | 13 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-3: Configuration change control processes are in place | 4 | 4 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS RDS Instance Auto Minor Version Upgrade is not enabled π π’ | 1 | π x1, π’ x6 |
| π Azure App Service does not run the latest Java version π’ | π’ x3 | |
| π Azure App Service does not run the latest PHP version π’ | π’ x3 | |
| π Azure App Service does not run the latest Python version π’ | π’ x3 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-879aa996 | 1 | |
| βοΈ dec-x-215302da | 1 | |
| βοΈ dec-x-a20e54a0 | 1 | |
| βοΈ dec-x-f82b9849 | 1 |