Add RED data security requirement to code review

closes #8608
author: Philippe Lafoucrière <philippe.lafoucriere@tech-angels.com> 2018-11-28 23:19:45 +0300
committer: Philippe Lafoucrière <philippe.lafoucriere@tech-angels.com> 2018-11-28 23:19:45 +0300
commit: 62fd842c6565e95e269b80b6cb776c537484c830 (patch)
tree: 6bde63ffaaaa5f5a12082f0d66303e01502955c1 /doc/development/code_review.md
parent: b8e5acb2fc5639666165e2b29e164b6aaa1bccc0 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/development/code_review.md b/doc/development/code_review.md
index df2cb30c5d6..fd8c8091ca2 100644
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -53,6 +53,8 @@ from teams other than your own.
 
 #### Security requirements
 
+   1. If your merge request is processing, storing, or transferring any kind of [RED or ORANGE data][https://docs.google.com/document/d/15eNKGA3zyZazsJMldqTBFbYMnVUSQSpU14lo22JMZQY/edit] (this is a confidential document), it must be
+      **approved by a [Security Engineer][team]**.
    1. If your merge request involves implementing, utilizing, or is otherwise related to any type of authentication, authorization, or session handling mechanism, it must be
       **approved by a [Security Engineer][team]**.
    1. If your merge request has a goal which requires a cryptographic function such as: confidentiality, integrity, authentication, or non-repudiation, it must be
author	Philippe Lafoucrière <philippe.lafoucriere@tech-angels.com>	2018-11-28 23:19:45 +0300
committer	Philippe Lafoucrière <philippe.lafoucriere@tech-angels.com>	2018-11-28 23:19:45 +0300
commit	62fd842c6565e95e269b80b6cb776c537484c830 (patch)
tree	6bde63ffaaaa5f5a12082f0d66303e01502955c1 /doc/development/code_review.md
parent	b8e5acb2fc5639666165e2b29e164b6aaa1bccc0 (diff)