Requirements for confidentiality or non-disclosure agreements reflecting the organization’s needs for the protection of information shall be identified, regularly reviewed and documented.
This control provides GitLab a written, signed agreement with a vendor that non-disclosure of confidential information will be disseminated to outside parties.
This control applies to all information shared with third parties that interact with the GitLab production environment.
Maintain current copies of non-disclosure agreements between GitLab and vendors for each non-GitLab service used by the company where confidential information is shared with the vendor.
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Vendor Non-Disclosure Agreement control issue.