Administrator access to the production system is granted based on job roles and responsibilities and limited to authorized personnel.
Context
Administrator Access is defined as a level of access above that of a normal user. Use of Administrator Access should be consistent with an individual’s role or job responsibilities at GitLab. When a team member's role or job responsibilities change, their Administrator Access should be appropriately updated or removed. In situations where it is unclear whether a particular action is appropriate, and within the scope of current job responsibilities, the situation should be discussed with management. The spirit of this control is to ensure there's a process in place so that all additions and updates to the production environment, are appropriately reviewed and approved before being merged.
Scope
This control applies to any system or process where source code can be modified.
Ownership
Control owner:
Engineering
Infrastructure
Process owner:
Infrastructure Team
All engineering teams
IT-Ops
Guidance
Establish and administer privileged user accounts in accordance with role-based access scheme that organizes information system and network privileges into roles
Track and monitor privileged role assignments.
Priveleged access to production is granted only after review and approval by manager
Implement separation of duties through assigned information system access authorizations
Possible evidence an auditor would request
Handbook links and other relevant documentation and links
Policy and Process documents proving that Administrator access to the production system is granted based on job roles and responsibilities and limited to authorized personnel.
Example - Merge requests or templates showing authorized access and appropriate approval.
Additional control information and project tracking
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Source Code Security control issue.
