IVS-08: Production / Non-Production Environments
Control Family:
Threats Addressed:
Control Statement
Production and non-production environments shall be separated to prevent unauthorized access or changes to information assets. Separation of the environments may include: stateful inspection firewalls, domain/realm authentication sources, and clear segregation of duties for personnel accessing these environments as part of their job duties.