Our internal roadmap shows our current and planned projects and the currently defined components of work for each.
GitLab has adopted an umbrella control framework that provides compliance with a number of industry compliance requirements and best practices. For information about how we developed this framework and a list of all of our security controls, please see the security controls handbook page.
The following are the directly responsible individuals (DRIs) for the different areas within the security compliance team:
If you have any feedback on the security compliance stable counterparts please add a comment to this issue.
Stable counterparts are meant to increase efficiency and consolidate security compliance requests to and from different GitLab teams. The hope is that by having a primary and secondary counterpart for each major stakeholder of the team we can efficiently batch requests and more easily keep up with stakeholder progress and initiatives. A breakdown of each stakeholder team and the related counterparts are below:
|GitLab Team||Primary SecComp counterpart||Backup SecComp counterpart|
|People team (recruiting)||@jblanco2||@nsarosy|
|People team (learning and development)||@jblanco2||@nsarosy|
|People team (onboarding)||@jblanco2||@nsarosy|
**Note: If you have an urgent request and you're not getting a response from the above team tags, the security compliance manager (@jburrows001) has their cell phone number in their slack profile. **