Commit f35415b1 authored by Jeff Burrows's avatar Jeff Burrows 👶

Iterate on control and add issue link

parent e1fff9e7
Pipeline #81414105 passed with stages
in 28 minutes and 52 seconds
......@@ -29,16 +29,13 @@ This control applies to all GitLab endpoint workstations as well as virtual asse
* Infrastructure owns the system and service portions of this control
## Implementation Guidance
## Guidance
The scope of this control is broad by design. Asset inventories are the source of truth for what team-member workstations, systems, and services constitute GitLab as a company. If we want to verify if we are collecting logs on 100% of the systems we are required to collect logs for, this inventory allows us to cross reference the logs we have with all the systems for which these logs should exist.
## Reference Links
## Additional control information and project tracking
* [Workstation management vendor evaluation](https://gitlab.com/gitlab-com/business-ops/itops/issue-tracker/issues/130)
* [GitLab's architecture overview](https://docs.gitlab.com/ee/development/architecture.html)
* [GitLab's production architecture page](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/)
* [AM.1.01 Gap Analysis Issue](https://gitlab.com/gitlab-private/sec-compliance/gcf-gap-analysis/issues/69)
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the [Inventory Management control issue](https://gitlab.com/gitlab-com/gl-security/compliance/compliance/issues/761).
## Framework Mapping
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment