Obmondo logo
  • Why Obmondo
  • Scope of Service
  • Compliance
  • Pricing
  • Features
LoginSignup
Close
  • Why Obmondo
  • Scope of Service
  • Compliance
  • Pricing
  • Features
  • GitHub
LoginSignup
    • Overview
    • 8.1 User Endpoint Devices
    • 8.2 Privileged Access Rights
    • 8.3 Information Access Restriction
    • 8.4 Access to Source Code
    • 8.5 Secure Authentication
    • 8.6 Capacity Management
    • 8.7 Protection Against Malware
    • 8.8 Management of Technical Vulnerabilities
    • 8.9 Configuration Management
    • 8.10 Information Deletion
    • 8.11 Data masking
    • 8.12 Data leakage prevention
    • 8.13 Information backup
    • 8.14 Redundancy of information processing facilities
    • 8.15 Logging
    • 8.16 Monitoring activities
    • 8.17 Clock synchronization
    • 8.18 Use of privileged utility programs
    • 8.19 Installation of software on operational systems
    • 8.20 Networks security
    • 8.21 Security of Network Services
    • 8.22 Segregation of Networks
    • 8.23 Web filtering
    • 8.24 Use of Cryptography
    • 8.25 Secure Development Life Cycle
    • 8.26 Application Security Requirements
    • 8.27 Secure System Architecture & Engineering Principles
    • 8.28 Secure Coding
    • 8.29 Security Testing in Development and Acceptance
    • 8.30 Outsourced Development
    • 8.31 Separation of Development, Test, and Production Environments
    • 8.32 Change Management
    • 8.33 Test Information Security
    • 8.34 Protection of Information Systems During Audit Testing
      • Overview
      • 8.1 User Endpoint Devices
      • 8.2 Privileged Access Rights
      • 8.3 Information Access Restriction
      • 8.4 Access to Source Code
      • 8.5 Secure Authentication
      • 8.6 Capacity Management
      • 8.7 Protection Against Malware
      • 8.8 Management of Technical Vulnerabilities
      • 8.9 Configuration Management
      • 8.10 Information Deletion
      • 8.11 Data masking
      • 8.12 Data leakage prevention
      • 8.13 Information backup
      • 8.14 Redundancy of information processing facilities
      • 8.15 Logging
      • 8.16 Monitoring activities
      • 8.17 Clock synchronization
      • 8.18 Use of privileged utility programs
      • 8.19 Installation of software on operational systems
      • 8.20 Networks security
      • 8.21 Security of Network Services
      • 8.22 Segregation of Networks
      • 8.23 Web filtering
      • 8.24 Use of Cryptography
      • 8.25 Secure Development Life Cycle
      • 8.26 Application Security Requirements
      • 8.27 Secure System Architecture & Engineering Principles
      • 8.28 Secure Coding
      • 8.29 Security Testing in Development and Acceptance
      • 8.30 Outsourced Development
      • 8.31 Separation of Development, Test, and Production Environments
      • 8.32 Change Management
      • 8.33 Test Information Security
      • 8.34 Protection of Information Systems During Audit Testing
      Obmondo

      Open-source platform for security, compliance, and operations — run on any cloud with no vendor lock-in.

      Products

      • Services
      • Features
      • Pricing
      • Compliance
      • Scope of Service

      Company

      • About
      • Solutions Brief
      • Careers
      • Blog
      • Why Obmondo

      Contact

      • info@obmondo.com
      • sales@obmondo.com
      • Talk to us
      • Contact Us

      © 2026 Obmondo. All rights reserved.

      Terms & ConditionsUnsubscribe
      1. compliance
      2. 8.32

      Change Management

      Changes to information processing facilities and information systems should be subject to change management procedures.

      Argo CD GitOps with branch protection

      All changes flow through Git Pull Requests with enforced two-reviewer approval. Branch protection rules prevent direct commits. Every change is version-controlled, auditable, and traceable through Git history.

      Automated testing and staging validation

      Changes are tested and verified in staging environments via Argo CD before production promotion.

      Auto-sync for low-risk, manual approval for production

      Non-critical environments auto-sync from Git. Critical environments require manual sync via Argo CD.

      Auto-sync for low-risk, manual approval for production (Sealed Secrets exception)

      Non-critical environments auto-sync changes directly from Git, while production deployments require manual approval through Argo CD. Sealed secrets are an exception, which are auto-synced to prevent service disruption during application updates.

      On this page

      • Argo CD GitOps with branch protection
      • Automated testing and staging validation
      • Auto-sync for low-risk, manual approval for production
      • Auto-sync for low-risk, manual approval for production (Sealed Secrets exception)