22 lines
744 B
Markdown
22 lines
744 B
Markdown
# Quarterly Drift Control
|
|
|
|
## Identity
|
|
|
|
- Rotate high-value credentials and invalidate old material.
|
|
- Re-evaluate role scopes; remove privileges that became “default”.
|
|
|
|
## Backup reality check
|
|
|
|
- Perform a full restore drill of at least one critical system.
|
|
- Verify restore validation steps still match reality.
|
|
|
|
## Infra sanity
|
|
|
|
- Identify and remove orphaned resources (accounts, hosts, services).
|
|
- Confirm all critical infrastructure is reproducible from `ops/`.
|
|
|
|
## Law anchor
|
|
|
|
- Confirm doctrine is anchored via verifiable receipts under `70-audits/reports/ledger/`.
|
|
- Verify at least one recent receipt with witness requirement: `ledger verify-receipt --receipt 70-audits/reports/ledger/<file>.receipt.json --require-attestation`.
|