TDA-08
Separation of Development, Testing and Operational Environments
Description
Mechanisms exist to manage separate development, testing and operational environments to reduce the risks of unauthorized access or changes to the operational environment and to ensure no impact to production Technology Assets, Applications and/or Services (TAAS).
Control Question
Does the organization manage separate development, testing and operational environments to reduce the risks of unauthorized access or changes to the operational environment and to ensure no impact to production Technology Assets, Applications and/or Services (TAAS)?
Control Metadata
Domain:
Technology Development & Acquisition
Validation Cadence:
Annual
Framework Mappings
This control maps to the following compliance frameworks
MAS TRM
5.7.3
HKIA GL20
4.14.24.36.16.2