1
0
mirror of https://github.com/strongdm/comply synced 2024-11-16 21:04:54 +00:00
comply/example/policies/application.md

33 lines
907 B
Markdown
Raw Permalink Normal View History

2018-05-11 20:25:46 +00:00
name: Application Security Policy
acronym: ASP
satisfies:
TSC:
- CC6.2
majorRevisions:
- date: Jun 1 2018
comment: Initial document
---
# Overview
The Application Security Policy governs the use of applications deemed critical to {{.Name} Information Security.
# Critical Applications
The following applications are within the scope of this policy:
* GitHub
* Slack
* Google Apps
Applications supporting production data operations (specifically the AWS Console) are deliberately excluded from this policy.
# Data Sensitivity
Any company proprietary data may be stored within these *[Critical Applications]*.
Customer support activities must be conducted entirely within the *[Critical Applications]*.
# Other Applications
Other applications not listed in *[Critical Applications]* may include company proprietary data, but must not contain any customer support or customer-owned data.