Applicable

(Y)es / (N)o

(C)onfidentiality

(I)ntegrity

(A)vailability

RPN

(C+I+A)

(S)atisfactory

L1

M2

H3

L1

M2

H3

L1

M2

H3

(O)ther than satisfactory +##

cm-4(1)

security impact analysis  | separate test environments

assessment objective:

Determine if the organization:

cm-4(1)[1]

analyzes changes to the information system in a separate test environment before implementation in an operational environment;

cm-4(1)[2]

when analyzing changes to the information system in a separate test environment, looks for security impacts due to:

cm-4(1)[2][a]

flaws;

cm-4(1)[2][b]

weaknesses;

cm-4(1)[2][c]

incompatibility; and

cm-4(1)[2][d]

intentional malice.

potential assessment methods and objects:

Examine: [select from: Configuration management policy; procedures addressing security impact analysis for changes to the information system; configuration management plan; security impact analysis documentation; analysis tools and associated outputs information system design documentation; information system architecture and configuration documentation; change control records; information system audit records; documentation evidence of separate test and operational environments; other relevant documents or records].

Interview: [select from: Organizational personnel with responsibility for conducting security impact analysis; organizational personnel with information security responsibilities; system/network administrators].

Test: [select from: Organizational processes for security impact analysis; automated mechanisms supporting and/or implementing security impact analysis of changes].