Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

Change Control in an Agile DevOps environment

  Quote
Guest
Guest user Created:   Nov 29, 2018 Last commented:   Nov 29, 2018

Change Control in an Agile DevOps environment

I wondered if you had any resources on implementing Changing Control in an Agile DevOps environment, whilst complying with ISO 27001 please?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 29, 2018

Answer:

The Change Management Policy template included in your toolkit can be adapted to the requirements of Agile DevOps environment. You only have to see the included comments in the template to see where you can include your specific requirements. By following the guidance of the comments you can adapt the Change Management Policy to support Agile DevOps environment while in compliance with ISO 27001. This template is located in folder 8. Annex A, subfolder A.12 Operations security

This article will provide you further explanation about change control:
- How to manage changes in an ISMS according to ISO 27001 A.12.1.2 https://advisera.com/27001academy/blog/2015/09/14/how-to-manage-changes-in-an-isms-according-to-iso-27001-a-12-1-2/

These materials will also help you regarding change control:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Integrating the Risk Management Framework (RMF) with DevOps https://resources.sei.cmu.edu/asset_files/Presentation/2018_017_001_517074.pdf
- NIST Special Publication 800-53 (Rev. 4) - CM-3 CONFIGURATION CHANGE CONTROL https://nvd.nist.gov/800-53/Rev4/control/CM-3

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 29, 2018

Nov 29, 2018