Change Control in an Agile DevOps environment
Assign topic to the user
Answer:
The Change Management Policy template included in your toolkit can be adapted to the requirements of Agile DevOps environment. You only have to see the included comments in the template to see where you can include your specific requirements. By following the guidance of the comments you can adapt the Change Management Policy to support Agile DevOps environment while in compliance with ISO 27001. This template is located in folder 8. Annex A, subfolder A.12 Operations security
This article will provide you further explanation about change control:
- How to manage changes in an ISMS according to ISO 27001 A.12.1.2 https://advisera.com/27001academy/blog/2015/09/14/how-to-manage-changes-in-an-isms-according-to-iso-27001-a-12-1-2/
These materials will also help you regarding change control:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Integrating the Risk Management Framework (RMF) with DevOps https://resources.sei.cmu.edu/asset_files/Presentation/2018_017_001_517074.pdf
- NIST Special Publication 800-53 (Rev. 4) - CM-3 CONFIGURATION CHANGE CONTROL https://nvd.nist.gov/800-53/Rev4/control/CM-3
Comment as guest or Sign in
Nov 29, 2018