...
- Exception granted in cases of non-applicability.
- Exception granted in cases where another security mechanism specified in the blueprint and implemented mitigates the risk.
- Exceptions requested for cases above must be approved by the security sub-committee.
- Exceptions must be submitted require a minimum maximum of 21 days prior to releasereview.
- The formal email date received, requesting a maturity review would be the Maturity Request date and this would define the set of security requirements that apply.
- Note: Critical vulnerabilities/security items, as categorized by the Akraino Security Sub-Committee, must be fixed even if found inside lock out window.
...