CM-06 Change Management
SoD in Changes (Dev ≠ Deployer)
The author of a change cannot unilaterally release it.
- Domain
- Change Management
- Control type
- Preventive
- Automated / manual
- Hybrid
- Frequency
- Continuous
- Framework reference
- COBIT BAI06; MAS TRM – Change
What good looks like
Developers cannot deploy own code to prod; deployment via independent function or gated pipeline.
Risk if it fails
Unauthorised/unreviewed code in production; fraud.
How Tess tests it
3 tests — each concludes only on cited evidence.
Deployment segregation designed
- Test type
- Design
- Procedure
- Inspect the deployment model.
- Expected
- Developers cannot self-deploy to prod.
- Sample
- 1 (design inspection)
- Evidence
- Pipeline access config, deployment logs, approvals.
Developers lack standing prod-deploy rights
- Test type
- Operating
- Procedure
- Inspect deploy access.
- Expected
- No prod-deploy access for developers.
- Sample
- 25 (or full config inspection)
- Evidence
- Pipeline access config, deployment logs, approvals.
Deployments executed independently/gated
- Test type
- Operating
- Procedure
- Sample deployments.
- Expected
- Independent function or gated pipeline.
- Sample
- 25 (or full config inspection)
- Evidence
- Pipeline access config, deployment logs, approvals.
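The two operating tests above (standing prod-deploy rights for developers, and sampled deployments checked for an independent deployer or a gated approval) can be run mechanically over the evidence they cite. The following is an added example, not Tess's own test logic or any project's code: it takes a constructed pipeline access config and a constructed deployment log (field names `author`, `deployer`, `approvers`, `gated` are assumptions about how such a log would be exported) and returns the findings an auditor would raise under this control.

```python
"""Added example: automated SoD checks over constructed change-management evidence.

Test 2 (operating): list developers who hold standing prod-deploy rights.
Test 3 (operating): list deployments where the change author released their
own change without an independent approval on a gated pipeline.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Deployment:
    """One record from a prod deployment log (constructed schema, an assumption)."""
    change_id: str
    author: str                 # who authored the change
    deployer: str               # who triggered the prod deployment
    approvers: tuple = ()       # identities that approved the release
    gated: bool = False         # True if the pipeline enforced an approval gate


# Constructed sample: pipeline access config mapping groups to users who can
# trigger a prod deployment. The "developers" entry is the kind of standing
# right this control expects to be absent.
PROD_DEPLOY_GRANTS = {
    "release-engineering": ["ops-bot", "rel.lee"],
    "developers": ["dev.ana", "dev.bo"],
}
DEVELOPER_GROUPS = {"developers"}

# Constructed sample: four deployments pulled from the deployment log.
DEPLOYMENT_LOG = [
    # independent function deployed it: acceptable
    Deployment("CHG-1001", "dev.ana", "rel.lee", ("rel.lee",), gated=True),
    # author self-deployed with no gate at all: finding
    Deployment("CHG-1002", "dev.bo", "dev.bo", (), gated=False),
    # gated pipeline, but the only approver is the author: finding
    Deployment("CHG-1003", "dev.ana", "dev.ana", ("dev.ana",), gated=True),
    # automation deployed it after an independent approval: acceptable
    Deployment("CHG-1004", "dev.bo", "ops-bot", ("rel.lee",), gated=True),
]


def developers_with_prod_deploy(grants, developer_groups):
    """Test 2: users in any developer group that holds standing prod-deploy rights."""
    return sorted({
        user
        for group, users in grants.items()
        if group in developer_groups
        for user in users
    })


def sod_violations(log):
    """Test 3: change ids where author == deployer and no independent, gated
    approval compensated for it (the page's 'independent function or gated
    pipeline' expectation)."""
    findings = []
    for d in log:
        independent_approvers = [a for a in d.approvers if a != d.author]
        if d.deployer == d.author and not (d.gated and independent_approvers):
            findings.append(d.change_id)
    return findings


if __name__ == "__main__":
    print("Developers with prod-deploy rights:",
          developers_with_prod_deploy(PROD_DEPLOY_GRANTS, DEVELOPER_GROUPS))
    print("SoD violations in sampled deployments:", sod_violations(DEPLOYMENT_LOG))
```

Each finding points back to a specific record in the cited evidence (a config grant or a deployment log entry), which is what allows the test to conclude only on that evidence. A self-triggered deployment is tolerated only when the pipeline gate actually required a non-author approver; a gate the author can satisfy alone does not segregate anything.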
Evidence Tess looks for
Pipeline access config, deployment logs, approvals.