N/A
Source
Chain Bench
ID
1.3
Version
cis-1.0

1.3 Contribution Access

1.3.1 Ensure inactive users are reviewed and removed periodically

For each repository in use, review inactive user accounts (members that left the organization, etc.) and remove them.

1.3.3 Ensure minimum admins are set for the organization

Set the minimum number of administrators in your organization.

1.3.5 Ensure the organization is requiring members to use MFA

Use the built-in setting to set the enforcement of Multi-Factor Authentication for each member of the organization.

1.3.7 Ensure 2 admins are set for each repository

For every repository in use, set two administrators.

1.3.8 Ensure strict base permissions are set for repositories

Set strict base permissions for the organization repositories — either “None” or “Read.”

1.3.9 Ensure an organization’s identity is confirmed with a Verified badge

Verify the organization’s domains and secure a “Verified” badge next to its name.