FociSolutions / github-foundations

A framework for managing your GitHub Enterprise account infrastructure.
MIT License

[Doc] Updates the Guardrails docs with TBS feedback #105

Closed bzarboni1 closed 2 months ago

bzarboni1 commented 3 months ago

ISSUE

Part of the feedback received on the GitHub PBMM Assessment was that the wrong policy was used to select the correct ITSG controls for assessment. The original assessment had used a GoC policy website that has been replaced by the CCCS' ITSP.50.105 - Guidance on cloud security assessment and authorization.

As such, an additional 122 Controls needed to be considered, and new control families needed to be included.

Given the above, the SCM Guardrails needs to be modified to incorporate the newly included controls.