2 — Technology Operations and Resilience
35 controls in the Technology Operations and Resilience category
2Technology Operations and Resilience Outcome
2.1Technology Architecture Framework
2.1.1IT Architecture Governance Principles
2.1.2Secure and Resilient Architecture Design
2.2Technology Asset Management
2.2.1Asset Management Standards
2.2.2Asset Inventory and Classification
2.2.3Configuration Management
2.2.4Secure Asset Disposal
2.2.5Technology Currency Monitoring
2.3Technology Project Management
2.3.1Project Management Framework
2.4System Development Life Cycle
2.4.1SDLC Framework Controls
2.4.2Security-by-Design in SDLC
2.4.3Integrated Application Security
2.4.4Acquired Software Security Assessment
2.4.5Secure Coding Practices
2.5Change and Release Management
2.5.1Change Management Controls
2.5.2Segregation of Duties
2.5.3Change Record Traceability
2.6Patch Management
2.6.1Patch Management Process
2.7Technology Incident Management
2.7.1Incident and Problem Management Standards
2.7.2Incident Response Procedures
2.7.3Problem Management and Root Cause Analysis
2.8Technology Service and Capacity Management
2.8.1Service Management Standards
2.8.2Performance and Capacity Monitoring
2.9Enterprise Disaster Recovery Program
2.9.1Disaster Recovery Planning
2.9.2Disaster Recovery Dependencies
2.9.3Disaster Recovery Testing