FociSolutions / github-foundations

A framework for managing your GitHub Enterprise account infrastructure.
MIT License
10 stars 1 forks source link

[Doc] Updates the Guardrails docs with TBS feedback #105

Closed bzarboni1 closed 4 months ago

bzarboni1 commented 5 months ago

ISSUE

Part of the feedback received on the GitHub PBMM Assessment, was that the wrong policy was used to select the correct ITSG controls for assessment. The original assessment had used a GoC policy website that has been replaced by The CCCS' ITSP.50.105 - Guidance on cloud security assessment and authorization

As such, and additional 122 Controls needed to be considered, and new control families needed to be included.

Given the above, the SCM Guardrails needs to be modified to incorporate the newly included controls