Has the system been fully tested/accredited to ensure that it cannot be compromised using technical tools?
All content changes have to be conducted via NEG staff who are authenticated with two factor and all code change deployments are peer reviewed by the development team before entering production.