Deployment Controls
Control ID: SDLC-CTRL-0013 | Type: Preventive
Summary
Deployment controls are enforced in the pipeline and at runtime to ensure only compliant, approved software is deployed to production.
Mitigates Risk
- SDLC-RISK-0001: Supply Chain Compromise
- SDLC-RISK-0002: Insider Threat
- SDLC-RISK-0003: Unauthorised Deployment
- SDLC-RISK-0008: Configuration Drift
Description
Deployment controls automatically ensure that only software which has gone through the complete Software Development Lifecycle reaches production. This can be implemented as a gate in the CI/CD pipeline, as an admission controller in the runtime environment, or ideally both.
Pipeline gates verify that all required attestations (tests, reviews, scans, approvals) are present and passing before allowing deployment. Runtime monitoring provides a second layer of assurance, alerting when non-compliant or unauthorised workloads are detected in production.
Requirements
- Deployment pipelines MUST verify that all required compliance attestations are present and passing before deploying to production
- Artefact identity MUST be verified using cryptographic hashes at the point of deployment
- Non-compliant or unauthorised workloads in production MUST generate alerts
- Deployment controls SHOULD be implemented both as pipeline gates and runtime admission controls
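The following is an added illustration of the first two requirements as a pipeline gate, not Kosli's code and not the command referenced in the implementation section below. It assumes a hypothetical attestation record per artefact (a mapping of attestation name to status and the fingerprint it was recorded against) and a constructed sample artefact; the required attestation names are placeholders. It goes slightly beyond the text in one respect: besides checking that every required attestation is present and passing, it checks that each attestation was recorded against the same fingerprint as the artefact about to be deployed, so that a passing attestation for a different build cannot satisfy the gate.

```python
"""Added example (not Kosli's code): a minimal pre-deployment gate.

Enforces two requirements before deployment is allowed:
  1. artefact identity, by recomputing its SHA-256 fingerprint and
     comparing it with the fingerprint approved for deployment;
  2. presence of all required attestations, each passing and each
     bound to that same fingerprint.
The attestation record format and the attestation names are assumptions.
"""
import hashlib
import os
import sys
import tempfile

# Placeholder names; a real policy would list its own attestation types.
REQUIRED_ATTESTATIONS = ("unit-test", "code-review", "security-scan", "approval")


def fingerprint_file(path: str) -> str:
    """SHA-256 hex digest of a file, read in chunks so large artefacts are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def evaluate_gate(artifact_path, expected_fingerprint, attestations,
                  required=REQUIRED_ATTESTATIONS):
    """Return (allowed, reasons).

    attestations: {name: {"status": "pass" | "fail", "fingerprint": <sha256 hex>}}
    Every failure is collected rather than stopping at the first, so the
    pipeline log shows the full list of what is missing.
    """
    reasons = []
    actual = fingerprint_file(artifact_path)
    if actual != expected_fingerprint.lower():
        reasons.append(f"fingerprint mismatch: expected {expected_fingerprint}, got {actual}")
    for name in required:
        att = attestations.get(name)
        if att is None:
            reasons.append(f"missing attestation: {name}")
        elif att.get("status") != "pass":
            reasons.append(f"attestation not passing: {name} ({att.get('status')})")
        elif att.get("fingerprint") != actual:
            # A passing attestation for some other build must not count.
            reasons.append(f"attestation {name} was recorded against a different artefact")
    return (not reasons, reasons)


def run_demo():
    """Constructed sample run: one artefact, three gate evaluations."""
    with tempfile.TemporaryDirectory() as tmp:
        artifact = os.path.join(tmp, "service.tar")
        with open(artifact, "wb") as f:
            f.write(b"constructed sample artefact bytes\n")
        fp = fingerprint_file(artifact)

        # Fully compliant: every required attestation passing, bound to fp.
        good = {name: {"status": "pass", "fingerprint": fp} for name in REQUIRED_ATTESTATIONS}
        results = {"compliant": evaluate_gate(artifact, fp, good)}

        # One attestation absent: deployment must be refused.
        missing = dict(good)
        del missing["code-review"]
        results["missing_review"] = evaluate_gate(artifact, fp, missing)

        # Artefact modified after attestation: fingerprint no longer matches.
        with open(artifact, "ab") as f:
            f.write(b"tampered\n")
        results["tampered"] = evaluate_gate(artifact, fp, good)
        return results


if __name__ == "__main__":
    # As a pipeline step, a non-zero exit code is what blocks the deploy.
    for case, (allowed, reasons) in run_demo().items():
        print(f"{case}: {'ALLOW' if allowed else 'DENY'}", *reasons, sep="\n  ")
    sys.exit(0 if run_demo()["compliant"][0] else 1)
```

In a real pipeline the gate runs as the last step before the deploy command, reads the expected fingerprint from the build stage rather than recomputing it in the same job, and fails the job (non-zero exit) on any reason, which is the property that makes it a preventive rather than a detective control.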
How we implement this control
- We use Kosli’s assert artifact command prior to deployment
- We use Kosli’s environment monitoring to alert on non-compliant workloads
Compliance Frameworks
NIST SP 800-53 Rev. 5
- CM-3 — Configuration change control — deployment controls enforce that only approved changes reach production.
- CM-5 — Access restrictions for change — deployment gates restrict which artefacts are permitted in production.
- SA-10 — Developer configuration management — ensures that the software built and tested is the same software deployed.
- SI-7 — Software and information integrity — deployment controls verify artefact integrity before allowing deployment.
- CA-7 — Continuous monitoring — runtime compliance monitoring alerts on non-compliant workloads.
SOC 2 Type II
- CC8.1 — Requires controlled migration of changes to production; deployment controls enforce that only compliant artifacts are deployed.
- CC6.1 — Requires logical access controls; deployment controls restrict who and what can deploy to production environments.