T7.5.1 - CONTROL OF OPERATIONAL SOFTWARE Implementation Guidance
The entity shall control the installation of software on operational systems.
Back to T7.5.1 - P4 - CONTROL OF OPERATIONAL SOFTWARE
To minimize the risk of corruption to operational systems, the following guidelines should be considered to control changes:
- A. The updating of the operational software, applications, and program libraries should only be performed by trained administrators upon appropriate management authorization
- B. Operational systems should only hold approved executable code, and not development code or compilers
- C. Applications and operating system software should only be implemented after extensive and successful testing; the tests should include tests on usability, security, effects on other systems and user-friendliness, and should be carried out on separate systems; it should be ensured that all corresponding program source libraries have been updated
- D. A configuration control system should be used to keep control of all implemented software as well as the system documentation
- E. A rollback strategy should be in place before changes are implemented
- F. An audit log should be maintained of all updates to operational program libraries
- G. Previous versions of application software should be retained as a contingency measure
- H. Old versions of software should be archived, together with all required information and parameters, procedures, configuration details, and supporting software for as long as the data is retained in archive
Vendor supplied software used in operational systems should be maintained at a level supported by the supplier. Over time, software vendors will cease to support older versions of software. The entity should consider the risks of relying on unsupported software.
Any decision to upgrade to a new release should take into account the business requirements for the change, and the security of the release, i.e. the introduction of new security functionality or the number and severity of security problems affecting this version. Software patches should be applied when they can help to remove or reduce security weaknesses.
Physical or logical access should only be given to suppliers for support purposes when necessary, and with management approval. The supplier’s activities should be monitored. Computer software may rely on externally supplied software and modules, which should be monitored and controlled to avoid unauthorized changes, which could introduce security weaknesses.
