AI3.2 Infrastructure Resource Protection and Availability
Apply security and auditability measures during infrastructure and software implementation to ensure system integrity and availability and resource protection. Define roles and responsibilities for the operation of sensitive components and continually monitor and evaluate use.
Illustrative Controls and the TIBCO LogLogic Solution
Implementing controls during system integration and installation helps ensure that the integrity of systems and data.
To satisfy this objective, organizations should ensure the proper separation of responsibilities and environments for testing, development, and production operation. Implementation plans should include security and availability controls. Production deployment and change should be controlled through reviews, approvals, and accompanying rollback plans. Access to and maintenance of financial systems and supporting infrastructure must be monitored and logged.