This section discusses guidelines for controlling entries to see source code, associated items, and tools to prevent corruption and ensure data security. Access to these items should be tightly managed, and source code writing or access should be granted based on the organization’s needs. Source code storage is recommended, and access to externally located code archives should be limited. Access to source libraries for programs should be managed according to relevant protocols, and altered source code should exist only after the necessary authorization is granted. Additional controls, such as keeping a log for audits and using digital signatures, should be used when publishing any program’s source code.