Add RED data security requirement to code review

closes #8608

Add RED data security requirement to code review
closes #8608
62fd842c · Philippe Lafoucrière · b8e5acb2 · 62fd842c
Commit 62fd842c authored Nov 28, 2018 by Philippe Lafoucrière
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

doc/development/code_review.md doc/development/code_review.md +2 -0

No files found.
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -53,6 +53,8 @@ from teams other than your own.

 #### Security requirements

+   1. If your merge request is processing, storing, or transferring any kind of [RED or ORANGE data][https://docs.google.com/document/d/15eNKGA3zyZazsJMldqTBFbYMnVUSQSpU14lo22JMZQY/edit] (this is a confidential document), it must be
+      **approved by a [Security Engineer][team]**.
   1. If your merge request involves implementing, utilizing, or is otherwise related to any type of authentication, authorization, or session handling mechanism, it must be
      **approved by a [Security Engineer][team]**.
   1. If your merge request has a goal which requires a cryptographic function such as: confidentiality, integrity, authentication, or non-repudiation, it must be