The Test Manager will ensure the changes to the application are assessed for IA and accreditation impact prior to implementation.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-16825 | APP5040 | SV-17825r1_rule | DCII-1 | Medium |
| Description |
|---|
| IA assessment of proposed changes is necessary to ensure security integrity is maintained within the application. |
| STIG | Date |
|---|---|
| Application Security and Development Checklist | 2014-12-22 |
Details
| Check Text ( C-17824r1_chk ) |
|---|
| Interview the application representative and determine if changes to the application are assessed for IA impact prior to implementation. Review the CCB process documentation to ensure potential changes to the application are evaluated to determine impact. An informal group may be tasked with impact assessment of upcoming version changes. 1) If impact analysis is not performed, it is a finding. |
| Fix Text (F-17141r1_fix) |
|---|
| Assess changes to the application for IA impact prior to implementation. |