Risk R-008 - Unauthorized access to Documentation Platform
| Field | Value |
|---|---|
| Risk ID | R-008 |
| Asset | Documentation Platform (Platform – Owner: Dev) |
| Scenario | S-012 - Accidental infrastructure misconfiguration or S-004 - Lateral movement from compromised host |
| Likelihood | 🟨 Medium - internal documentation may be accessible if access controls are misconfigured or lateral movement occurs |
| Impact | 🟧 Major - unauthorized access can expose technical information, facilitating further attacks and compromise of sensitive data |
| Risk Level | 🟧 High |
| Owner | Dev / Sec |
| Last Review | 2026-03-08 |
| Next Review | 2026-09-08 |
Associated Controls:
- Enforce RBAC and MFA for all documentation platform accounts.
- Restrict network access to internal users or VPN connections.
- Regularly audit access logs and monitor for abnormal access patterns.
- Apply least privilege principles to documentation repositories.
- Ensure backups are secure and encrypted.
References:
- ISO 27001 - Control 5.1 Policies for information security.
- ISO 27001 - Control 8.2 Privileged access rights.
- ISO 27001 - Control 8.17 Change management.
- NIST CSF - PR.AC Identity Management, Authentication and Access Control.
- NIST CSF - DE.CM Continuous Monitoring.
- NIST CSF - ID.AM Asset Management.
- EBIOS RM - Analysis of risks related to unauthorized access and exposure of knowledge assets.
Response Actions:
- Containment - Immediately revoke compromised credentials and block unauthorized access.
- Eradication - Remove malicious access points and verify audit logs for potential data exfiltration.
- Recovery - Restore affected documentation from secure backups if integrity is compromised.
- Post-incident - Conduct root cause analysis, update access policies, and reinforce monitoring.