AC-1: RBAC Posture
Check whether automation ownership and access boundaries are clear enough to support accountability.
Check whether automation connections appear limited to the access they actually need.
Encourage automation designs that are easier to maintain, review, and safely change.
Encourage automations to preserve failed work for investigation and recovery instead of dropping it.
Highlight automations with broad external dependency footprints that may be harder to operate reliably.
Check whether automations rely on supported, appropriate modules and approved connector choices.
Check whether automations validate important data before sending it to business systems.
Check whether automations handle data-related failures in a controlled, recoverable way.
Highlight automations that may be vulnerable to schema or mapping changes.
Check whether important automation failures can notify the right people quickly.
Encourage logging and observability so teams can troubleshoot issues and retain useful history.
Highlight OAuth connections that may stop working because token maintenance is not in place.
Check whether automations validate and sanitize untrusted input before acting on it.
Check whether public inbound automation endpoints require authentication.
Identify additional signs that sensitive values may be exposed or stored unsafely.
Highlight automations with recurring failure activity that may not be well contained.