Conduct network certifications prior to approving change requests for networks.
CONTROL ID 13121
CONTROL TYPE Process or Activity
CLASSIFICATION Detective
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Perform risk assessments prior to approving change requests., CC ID: 00888
This Control has the following implementation support Control(s):
Analyze mitigating controls for vulnerabilities in the network when certifying the network., CC ID: 13126
Collect data about the network environment when certifying the network., CC ID: 13125
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Network certification should be conducted when requesting local area network (LAN)/wide area network (WAN) additions or changes to AIsâ corporate network. The additions or changes cover dial-in/out ports, switches, terminal servers, gateways/servers, routers, extranets and the public internet. The… (6.2.4, Hong Kong Monetary Authority: TM-G-1: General Principles for Technology Risk Management, V.1 â 24.06.03)