ISO/IEC 27000 Access to Source Code, v2022
Specifies requirements in accordance with the security and privacy controls specified by ISO/IEC Publication 27001:2022, related to access to source code.
Assessment Step
|
1
Access to Source Code (AccesstoSourceCode)
Is read and write access to source code, development tools, and software libraries appropriately managed?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) and supporting notes as appropriate to support the assessor's response to this assessment step.
|
Conformance Criteria (1)
|
Access to Source Code
Read and write access to source code, development tools and software libraries shall be appropriately managed.
Citations
27001
Annex A, Control 8.4
27002
Section 8.4
|