Change Control Log

version author description
v17.12.2024 Phillip Odam compliance_policy.md edited online with Bitbucket
v17.12.2024 Phillip Odam platform_overview.md edited online with Bitbucket
v17.12.2024 Phillip Odam disaster_recovery_policy.md edited online with Bitbucket
v17.12.2024 Phillip Odam data_management_policy.md edited online with Bitbucket
v17.12.2024 Phillip Odam auditing_policy.md edited online with Bitbucket
v17.12.2024 Phillip Odam auditing_policy.md edited online with Bitbucket
v22.10.2024 Kevin Puscas auditing_policy: revised to specify use of AWS Service event and audit trails and specify capturing audit information at each step of multi-step transactions configuration_management_policy: Revise to better explain the shared security model between RH, CD and AWS. data_integrity policy: specify MacOS malware prevention features. Specify that all production data is version controlled data_management_policy: specify that all data stored in AWS S3 is encrypted in rest and transit. Revise to specify that requirements for limited dataset and deidentification of data. disaster_recovery: Added Zach Hill as Operations Manager in Line of Succession. Added Scenario 3 concerning Security Incident/Malware detected. employees_policy: specify that all employee workstations are Apple products. high_availability_policy: Specified use of multi-az serverless components as part of the HA strategy. platform_overview: revised to discuss the shared security model between RH, CD and AWS. policy_management_policy: revise to remove references to DropBox system_access_policy: revised description of how RBAC is implemented via AWS IAM. Added use of OAuth2.0 for Unique user identification. Added policy for passwords in AWS console and RosettaHealth portals.
v29.08.2024 Kevin Puscas testing adding toc to pdf
v04.06.2024 Kevin Puscas added information about hashing sensitive data.
v04.06.2024 Kevin Puscas added policy for passwords in the admin portal
v02.01.2024 Phillip Odam Typo
v02.01.2024 Phillip Odam Removed whitespace
v02.01.2024 Phillip Odam Typo
v28.12.2023 Kevin Puscas updates to polices regarding Addigy MDM, Apple Platform Security Mechanisms and update to ClearDATA scanning frequency
v10.10.2023 Kevin Puscas reformatted markdown
v06.10.2023 Kevin Puscas update pipeline image
v06.10.2023 Kevin Puscas Merge branch 'master' of bitbucket.org:nitorsharks/policies_and_procedures
v06.10.2023 Kevin Puscas update build mech
v06.10.2023 Kevin Puscas update build mech
v11.01.2023 Kevin Puscas revised workstation policies to reflect use of MDM
v20.12.2022 Kevin Puscas edits regarding disclousures and RTO/RPO
v15.12.2022 Kevin Puscas added requirement for use of Oversight
v15.12.2022 Kevin Puscas added specificiton about not sharing encryption keys for maintenance
v15.12.2022 Kevin Puscas added Disaster Recovery Testing policy
v15.12.2022 Kevin Puscas added specific infor to be removed in de-identification
v08.12.2022 Kevin Puscas Revised and clarified based on ENHAC pre-audit review
v29.11.2022 Kevin Puscas clarifications based on ENHAC auditor reviews
v29.11.2022 Kevin Puscas Merge branch 'master' of bitbucket.org:nitorsharks/policies_and_procedures
v29.11.2022 Kevin Puscas Clarification on policies as per ENHAC audit
v07.11.2022 Phillip Odam Revert "bitbucket-pipelines.yml edited online with Bitbucket"
v07.11.2022 Phillip Odam risk_management_policy.md edited online with Bitbucket
v07.11.2022 Phillip Odam compliance_policy.md edited online with Bitbucket
v07.11.2022 Phillip Odam auditing_policy.md edited online with Bitbucket
v07.11.2022 Phillip Odam 3rd_party_policy.md edited online with Bitbucket
v07.11.2022 Phillip Odam 3rd_party_policy.md edited online with Bitbucket
v07.11.2022 Phillip Odam platform_overview.md edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam requirements.txt created online with Bitbucket
v07.11.2022 Phillip Odam mkdocs.yml edited online with Bitbucket
v07.11.2022 Phillip Odam mkdocs.yml edited online with Bitbucket
v07.11.2022 Phillip Odam mkdocs.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v07.11.2022 Phillip Odam bitbucket-pipelines.yml edited online with Bitbucket
v27.10.2022 Kevin Puscas Merge branch 'master' of bitbucket.org:nitorsharks/policies_and_procedures
v27.10.2022 Kevin Puscas typos
v27.10.2022 Phillip Odam Corrected type, changed "depenent" to "dependent"
v27.10.2022 Phillip Odam Corrected typos, changed "use and thier" to "user and their" and "uniqure" to "unique"
v27.10.2022 Phillip Odam Corrected typo, changed "Querterly" to "Quarterly"
v27.10.2022 Phillip Odam Corrected typo, changed "migigate" to "mitigate"
v27.10.2022 Phillip Odam Corrected typo, changed "of" to "or"
v12.10.2022 Kevin Puscas change RosettaHealth Platform change refrences to links between policy documents.
v05.10.2022 Kevin Puscas Added policy covering Emergency access procedure
v03.10.2022 Kevin Puscas add detail on ClearDATA IDS for production add info on code scanning during devops removed line of succession from HA
v13.09.2022 Kevin Puscas audit_policy - specify properties on S3 buckets. Describe use of Athena for audit reporting system_access_policy - re-organized and added iformation on MFA and AWS IAM configuration_management_policy - refactored to reflect shared CM between ClearDATA and RosettaHealt disaster_recovery - add recovery for lambda issue employees_policy - added training opportunities platform_overview - pulled ISMP into own page
v22.08.2022 Kevin Puscas added section on Control of Sensitive Information
v02.08.2022 Kevin Puscas modified: mkdocs.yml modified: docs/platform_overview.md modified: docs/policy_change_log.md
v02.08.2022 Kevin Puscas pulled the information security mgmt plan into a separate doc
v01.08.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v01.08.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v01.08.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v01.08.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v22.06.2022 Kevin Puscas Merge branch 'master' of bitbucket.org:nitorsharks/policies_and_procedures
v22.06.2022 Kevin Puscas adding header file for change control generation
v22.06.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v22.06.2022 Kevin Puscas Merge branch 'master' of bitbucket.org:nitorsharks/policies_and_procedures
v22.06.2022 Kevin Puscas fixed for change_control generate
v22.06.2022 Kevin Puscas correct tabbing issue
v22.06.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v22.06.2022 Kevin Puscas bitbucket-pipelines.yml edited online with Bitbucket
v22.06.2022 Kevin Puscas updates to bitbucket-pipelines.yml file
v22.06.2022 Kevin Puscas implementing auto-generated change log mech
v28.12.2021 Kevin Puscas auditing_policy.md: removed reference to spreadsheet with alerts by component configuration_management_policy.md: changed to specify FreshDesk as repository for configuration changes added that changes to prod env are reflected in realtime in Hava.io, New Relic and Sba. removed Provisioning request must be entered as a task on the TechTeam Worklist board. changed patching processes to reflect new responsibilties between RH and ClearDATA systems_development_lifecycle_process.md: changed to reflect new task tracking mechanism and change management processes. system_access_policy.md: changed monitis reference to new Uptrends and intruder.io monitoriing services change IHE API authentication to include use of sha-1 hash with OID for authentication.
v28.06.2021 Kevin Puscas changed Monitis for Intruder.io