Use BSI version of description for SYS.1.6.A12 and SYS.1.6.A13

controls/bsi_sys_1_6.yml

@@ -194,14 +194,12 @@ controls:
     levels:
     - standard
     description: >-
-      (1) There SHOULD be adequate documentation of which image sources have been classified
-      as trustworthy and why.
-      (2) In addition, the process SHOULD be adequately documented as to how images
-      or the software components contained in the image are obtained from trustworthy
-      sources and ultimately made available for production use.
-      (3) The images used SHOULD have metadata that makes the function and history of
-      the image understandable.
-      (4) Digital signatures SHOULD secure every image against change.
+      (1) The sources of images that have been classified as trusted and SHOULD be adequately
+      documented along with the corresponding reasons. (2) In addition, the process of how images or
+      the software components contained in an image are obtained from trusted sources and
+      eventually deployed to a productive environment SHOULD be adequately documented.
+      (3) Images used SHOULD have metadata that makes their function and history traceable. (4) Digital
+      signatures SHOULD secure each image against modification.
     notes: >-
       Section 1: This requirement must be implemented organizationally.
       Section 2: This requirement must be implemented organizationally.
@@ -223,8 +221,8 @@ controls:
     levels:
     - standard
     description: >-
-      Like software products, all images for production use SHOULD go through a testing
-      and release process in accordance with module OPS.1.1.6 Software testing and releases.
+      All images for productive operation SHOULD undergo a test and release process in the same
+      way as software products in accordance with module OPS.1.1.6 Software Tests and Approvals.
     notes: >-
       This requirement must be solved organizationally.
       Note: OpenShift offers various CI/CD solutions that can be used for automation.