Version: 3.0
Valid until: 2025-04-10
Classification: Low
3.0 | Edward Robinson | Annual review: no changes were made. |
In the interest of all stakeholders, the top management of anDREa B.V. (hereafter called anDREa) is actively committed to demonstrably maintaining and continually improving an information security management system (ISMS) in accordance with the requirements of ISO 27001:2017.
The purpose of this document is to describe the secure system engineering principles.
This document will be reviewed at least annually and when significant change happens.
The objectives of this control are:
To ensure that information security is designed and implemented within the development lifecycle of information systems (A.14.2).
The scope of this document corresponds to Clause 4 Context of the organisation.
This document is:
required reading for:
all employees and contractors of anDREa.
available for all interested parties as appropriate.
Fundamental principles
The fundamental principles are documented and explained in anDREa’s Security Manifesto, Foundation for Audit Recording, and GDPR Compliance Assessment. Ultimately, these principles drive the development of myDRE.
Access principles
This applies to, but is not limited to, the following environments: Development, Test, Acceptance, Production.
Least privilege.
RBAC.
Authorisation always requires MFA.
Logging according to the Assessment Framework for Services.
Design principles
Within the boundaries set in Fundamental principles:
Least privilege.
RBAC.
Design for containment.
Authorisation always requires MFA.
Logging according to the Assessment Framework for Services.
(Self-service) Workspace changes in configuration are always:
Deliberate.
Suited to the role, following the least-privilege principle.
Clearly informative about the impact on security and auditability and, where applicable, about what the authorised user should or can do to be more compliant and to reduce the risk.
Logged, including the consent given.
Easy to revert to the default.
Design must be based on user stories and anti-user stories (abuse cases).
Design must have acceptance criteria.
Isolate functionalities and design each so that it can be switched off without affecting the rest of myDRE.
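The following is an added example, not code from anDREa or myDRE, that models the self-service configuration principles above in working form: a change is only applied when the role is allowed to make it, the caller has explicitly consented to the exact impact statement shown, the consent is written to an audit record, and reverting to the secure default is the easier operation. The setting names, roles, impact texts and audit-record fields are assumptions made for illustration.

```python
"""Model of a self-service workspace configuration change that follows the
design principles above: deliberate, role-scoped, informative about impact,
consent-logged and easy to revert. Added example, not anDREa's or myDRE's
code; the settings, roles and impact texts below are assumptions."""
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Assumed catalogue: the secure default, which roles may change the setting,
# and the impact statement shown to the user before a change.
SETTINGS = {
    "outbound_internet": {
        "default": False,
        "allowed_roles": {"workspace_owner"},
        "impact": "Allows data egress from the workspace and weakens containment; "
                  "enable only for a documented need and revert when done.",
    },
    "session_timeout_minutes": {
        "default": 30,
        "allowed_roles": {"workspace_owner", "workspace_admin"},
        "impact": "Longer sessions widen the window in which a hijacked session is usable.",
    },
}


class ChangeRejected(Exception):
    """Raised when a requested change does not satisfy the principles."""


@dataclass
class Workspace:
    name: str
    config: dict = field(default_factory=lambda: {k: v["default"] for k, v in SETTINGS.items()})
    audit_log: list = field(default_factory=list)

    def impact_statement(self, setting, new_value):
        """Text the user must acknowledge: old value, new value, the security
        impact, and the default they can revert to."""
        spec = SETTINGS[setting]
        return (f"{setting}: {self.config[setting]!r} -> {new_value!r}. "
                f"{spec['impact']} Default: {spec['default']!r}.")

    def change(self, setting, new_value, *, actor, role, consent):
        """Apply a change only if the role may make it and the caller consents
        to the exact impact statement (deliberate change, consent recorded)."""
        spec = SETTINGS.get(setting)
        if spec is None:
            raise ChangeRejected(f"unknown setting {setting!r}")
        if role not in spec["allowed_roles"]:
            raise ChangeRejected(f"role {role!r} may not change {setting!r}")
        statement = self.impact_statement(setting, new_value)
        if consent != statement:
            raise ChangeRejected("consent must quote the impact statement that was shown")
        self._record("change", actor, role, setting, new_value, consent=statement)
        self.config[setting] = new_value

    def revert_to_default(self, setting, *, actor, role):
        """Reverting to the secure default needs the role but no impact consent:
        the safe direction is deliberately the easier one."""
        spec = SETTINGS.get(setting)
        if spec is None:
            raise ChangeRejected(f"unknown setting {setting!r}")
        if role not in spec["allowed_roles"]:
            raise ChangeRejected(f"role {role!r} may not change {setting!r}")
        self._record("revert", actor, role, setting, spec["default"], consent=None)
        self.config[setting] = spec["default"]

    def non_default(self):
        """Settings diverging from their defaults: what the authorised user can
        still revert to be more compliant."""
        return {k: v for k, v in self.config.items() if v != SETTINGS[k]["default"]}

    def _record(self, action, actor, role, setting, new_value, *, consent):
        # Audit record written before the change is applied; "old" is the
        # value still in effect at this point.
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "workspace": self.name,
            "action": action,
            "actor": actor,
            "role": role,
            "setting": setting,
            "old": self.config[setting],
            "new": new_value,
            "consent": consent,
        })


def rejected(fn, *args, **kwargs):
    """True if the call is refused with ChangeRejected (helper for checks)."""
    try:
        fn(*args, **kwargs)
    except ChangeRejected:
        return True
    return False


if __name__ == "__main__":
    ws = Workspace("ws-demo")
    shown = ws.impact_statement("outbound_internet", True)
    print(shown)
    ws.change("outbound_internet", True, actor="alice", role="workspace_owner", consent=shown)
    print("non-default:", ws.non_default())
    ws.revert_to_default("outbound_internet", actor="alice", role="workspace_owner")
    for rec in ws.audit_log:
        print(rec)
```

Requiring the caller to echo the exact impact statement is what makes the change deliberate and the consent auditable: the audit record contains the text the user actually saw, not just a boolean. The revert path intentionally has fewer preconditions than the change path, so the compliant state is always the easier one to reach.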
Development principles
Based on designed features.
Clean code.
Well documented.
Peer reviewed.
According to naming conventions and code structure set by senior anDREa developers.
Isolated from the Test, Acceptance and Production environments.
No Production data may be used.
Test principles
Based on user and anti-user stories.
Based on acceptance criteria.
Well documented.
Isolated from the Development, Acceptance and Production environments.
No Production data may be used.
Acceptance principles
Smoke test.
Verify the functionality from user perspective and expectation.
Isolated from the Development, Test and Production environments.
Deployment (to production) principles
Smoke test.
On-demand access to the Core only.
Inform the Support Teams.
Ensure that users can find the relevant documentation.
In case of an unexpected event, during deployment or much later:
Switch the functionality off, or
Revert the deployment.
Related documents and records
anDREa People - Asset overview (authorised personnel only).
Design documentation.
Sprint board, sprint review, sprint planning (authorised personnel only).
Acceptance criteria (authorised personnel only).
Test plans (authorised personnel only).