History
- Priority
- should
- Nov 2018
- Removed
- Removed due to duplication of intent of security control 1420.
- 2017
- The ability to transfer information between development, test and production environmentsshould be strictly limited according to a defined and documented policy, with access grantedonly to users with a clear business requirement.
- Control Text Changed. No public explaination.
- 2015
- Agencies should strictly limit the ability to transfer information between development, testand production environments according to a defined and documented policy, with accessgranted only to users with a clear business requirement.