IAO-07 ยท Security Authorization

Control Description

Mechanisms exist to ensure Technology Assets, Applications and/or Services (TAAS) are officially authorized prior to "go live" in a production environment.

Control Question
Assessment question for control validation

Does the organization ensure Technology Assets, Applications and/or Services (TAAS) are officially authorized prior to "go live" in a production environment?

Control Weighting
10
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: IAO-07
ESP Level 1: IAO-07
ESP Level 2: IAO-07
ESP Level 3: IAO-07
Additional Metadata
Applicability (Process):
x
Errata & Additional Notes

- wordsmithed control