From 915544346396db2d48379dc7f2c12338cf690483 Mon Sep 17 00:00:00 2001 From: Benjamin Ruland Date: Mon, 18 Dec 2023 14:26:35 +0100 Subject: [PATCH] Defined notes and rules for control BSI APP4.4.A10 --- controls/bsi_app_4_4.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/controls/bsi_app_4_4.yml b/controls/bsi_app_4_4.yml index bf3d3da777e..d6dbec81e3d 100644 --- a/controls/bsi_app_4_4.yml +++ b/controls/bsi_app_4_4.yml @@ -184,8 +184,9 @@ controls: start pods via automation software, this SHOULD be done for each group through separate processes that only have the rights necessary for the respective user group. notes: >- - TBD - status: pending + This control needs to be adressed on an organizational level. All service accounts used by + automation software need to adhere to the principle of least privilege. + status: not applicable rules: [] - id: APP.4.4.A11