When it comes to compliance in enterprises and companies, three fundamental principles are important:
Four-eyes principle: Have at least one other person review the deployed artifact. Is the person deploying the code different from the person who wrote it?
Traceability: Can we track where the released software comes from? Can we trace the requirements that led to the change through the code, build, and release?
Auditability: Can we see who, when, and why changes were made to the release process? Can we identify who, when, and why a new release was deployed?
In addition, security is crucial to ensure that individuals cannot perform unauthorized actions, including deleting evidence.
Source: (Traceability, auditability and security)[https://learn.microsoft.com/en-us/training/modules/automate-inspection-health/10-examine-considerations-for-choosing-release-management-tools]