Managing Program Source Libraries

Managing the directory areas within your system where the source code and object code of your live and development systems are held. Live and development libraries must always be kept separate.

To view the related Policy click      

  • Lack of the source code can make it difficult or impossible to maintain your systems.

  • Ensure that for critical systems the source code is available, or would be made available were the software vendor to fail / cease trading etc. See Escrow.
  • Live source libraries should be updated by designated staff only, who are independent of those developing software, and those using it for production.
  • Ensure that such updates follow strict procedures, dual control being the minimum safeguard.
  • Use technical safeguards, including those within your operating system, such as directory and / or file restrictions, to prevent unauthorised entry to the live source library.
  • Implement procedures for updating your source library which provide an audit trail.
  • Make Backup copies of the Program Source Libraries including safeguard copies off-site at the remote store.
  • Retain the last two or three historic versions of each source file, to permit the return to the old software version if necessary. See Controlling Old Versions of Programs.
  • Consider using a software library package to help meet the above requirements.
  • Unauthorised amendment of source code can result in system failures and / or malicious damage.

  • Updating of the live Source libraries should be by designated staff, independent of those developing software, and those using it for production.
  • Ensure that any updates follow strict procedures, dual control being the minimum safeguard.
  • Use technical safeguards, including those within your operating system, such as directory and / or file restrictions, to prevent unauthorised entry to the source library.
  • Implement procedures for updating your source library which provide an audit trail.
  • Employ checksums so that unauthorised amendments can readily be detected.
Previous PageTop of this pageNext Page


Information Security Policies from US$595

 From
 US$595

Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word

 

Next PageUpPrevious Page