CISOBot - Your AI CISO Assistant

TDA-04

Documentation Requirements

Weight: 8/10

Description

Mechanisms exist to obtain, protect and distribute administrator documentation for Technology Assets, Applications and/or Services (TAAS) that describe: (1) Secure configuration, installation and operation of the TAAS; (2) Effective use and maintenance of security features/functions; and (3) Known vulnerabilities regarding configuration and use of administrative (e.g., privileged) functions.

Control Question

Does the organization obtain, protect and distribute administrator documentation for Technology Assets, Applications and/or Services (TAAS) that describe: (1) Secure configuration, installation and operation of the TAAS; (2) Effective use and maintenance of security features/functions; and (3) Known vulnerabilities regarding configuration and use of administrative (e.g., privileged) functions?

Control Metadata

Domain:

Technology Development & Acquisition

Validation Cadence:

Annual

Evidence Request List:

E-CPL-06 E-TDA-06 E-TDA-10

Framework Mappings

This control maps to the following compliance frameworks

MAS TRM

6.1.4

HKIA GL20

4.14.24.36.16.2

Have questions about this control?

Ask CISOBot for implementation guidance and best practices