πΌ A.14.2.4 Restrictions on changes to software packages
- Contextual name: πΌ A.14.2.4 Restrictions on changes to software packages
- ID:
/frameworks/iso-iec-27001-2013/14/02/04 - Located in: πΌ A.14.2 Security in development and support processes
Descriptionβ
Modifications to software packages shall be discouraged, limited to necessary changes and all changes shall be strictly controlled.
Similarβ
- Internal
- ID:
dec-c-4516babf
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity | 18 | 19 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality) | 4 | 14 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-3: Configuration change control processes are in place | 4 | 4 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|