Skip to main content

SP-R-1 — Operator denies configuration changes

Component: Policy Engine. Mitigations: No audit log for configuration file changes. Action: Log configuration hash at startup; integrate configuration changes with SDLC change management

PropertyValue
SectionRepudiation
Ownerplatform

Mapped Controls

ControlTitle
SID-AUDIT-01Structured Security Event Logging
SID-OPS-05Secure Configuration Management

Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md