CHG-03
Security Impact Analysis for Changes
Description
Mechanisms exist to analyze proposed changes for potential security impacts, prior to the implementation of the change.
Control Question
Does the organization analyze proposed changes for potential security impacts, prior to the implementation of the change?
Control Metadata
Domain:
Change Management
Validation Cadence:
Annual
Evidence Request List:
E-CHG-04
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS234
21(d)
MAS TRM
7.5.2