Audit and Assurance

Framework for tagging host function

  • 1.  Framework for tagging host function

    Posted 12 Feb, 2020 06:25
    Colleagues, what have you found to be a successful framework to tag hosts (and devices) by function, a requirement under various audit frameworks (DOD, FedRamp, PCI, etc.). A host or device (whether physical appliance or deployed on a Virtual Machine) can serve many roles, and identifying that role explicitly is an important aspect of continuous assurance and compliance. For example, load balancers, proxies, routers, web / application servers, container worker node, etc.

    Does anyone have a comprehensive list of tags and/or a framework to apply such tagging? Thanks in advance.


    ------------------------------
    Nick D.
    Product Owner
    ------------------------------