Are Oracle Communications Design Studio installation components accessible only to users?
Have model variables been used in cartridge designs?
Are sensitive variables marked sensitive?
Is sensitive information excluded from the Design Studio documentation?
Has the Cartridge Management web service been configured to use SSL?
Is a source control system in place?
Does the source control system restrict access to specific users?
Is user-specific source control change tracking enabled?
Do user-accessible update sites require user-specific authentication?
Do the following file and folder permissions restrict access to authorized users or specific components?
Package installation
Design Studio features
Run-time cartridge archives
Source control repository
Design Studio project data files