CISOBot - Your AI CISO Assistant

HRS-12

Incompatible Roles

Weight: 8/10

Description

Mechanisms exist to avoid incompatible development-specific roles through limiting and reviewing developer privileges to change hardware, software and firmware components within a production/operational environment.

Control Question

Does the organization avoid incompatible development-specific roles through limiting and reviewing developer privileges to change hardware, software and firmware components within a production/operational environment?

Control Metadata

Domain:

Human Resources Security

Validation Cadence:

Annual

Evidence Request List:

E-HRS-25

Have questions about this control?

Ask CISOBot for implementation guidance and best practices