GitLab's policies and standards are reviewed, approved by management, and communicated to authorized personnel biannually.
The purpose of this control is to ensure GitLab's policies and procedures are kept up-to-date and relevant, changes are appropriately reviewed and approved, and GitLab team-members have a way to track those changes.
For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.
For all reference links relevant to this control, refer to the full guidance documentation.
For examples of evidence an auditor might request, refer to the full guidance documentation.