>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SLC-02Source Code Management

>Control Description

Source code is managed with Organization-approved version control mechanisms.

Theme

Process

Type

Preventive

Policy/Standard

Secure Development Lifecycle Policy

>Implementation Guidance

1. Ensure there is a documented organization's source code security standard and it is updated on need to know basis. 2. Ensure source code repositories used by service team as per the approved version control mechanisms/systems.

>Testing Procedure

1. Inspect Organization's Source Code Security Standard to determine whether requirements for Organization-approved version control software are in place. 2. For a sample of services, inspect source code repository used by services to determine that source code is managed with Organization-approved version control mechanisms/systems.

>Audit Artifacts

E-SLC-03
E-SLC-04

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

CIS Controls
3

2.7
4.6
12.3

PCI DSS
6

6.1
6.2
6.2.1
6.2.2
6.2.3
6.2.3.1

SOC 2
2

CC6.8
CC8.1

BSI C5
1

DEV-08

Ask AI

Configure your API key to use AI features.