Fork me on GitHub

Culture and Organization -> Process: Approval by reviewing any new version

Risk and Opportunity

Risk: An individual might forget to implement security measures to protect source code or infrastructure components.
Opportunity: On each new version (e.g. Pull Request) of source code or infrastructure components a security peer review of the changes is performed (two eyes principle) and approval given by the reviewer.

Additional Information

Usefulness and Requirements of this Activity

Usefullness: Medium
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low


ISO27001 2017