The objective of the Application Security Standard is to identify the minimum security requirements for applications implemented by the Company. This Secure Application Development Standard will also:
a. reduce the risk of security incidents caused by security weaknesses of applications that adversely affect the confidentiality, integrity, and/or availability of Company applications and data
b. provide a security-related standard for application assessment and risk analysis
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. APPLICATION SECURITY ASSESSMENTS
4. APPLICATION LIFECYCLE
4.1 APPLICATION SECURITY DESIGN REVIEW AND ANALYSIS
4.2 APPLICATION REALIZATION AND TESTING
4.3 PRE-IMPLEMENTATION CONTROLS
4.4 POST-IMPLEMENTATION CONTROLS
5. CORRECT PROCESSING IN APPLICATIONS
5.1 EXTERNALLY-FACING APPLICATIONS
5.2 INPUT DATA VALIDATION
5.3 CONTROL OF PROCESSING
5.4 OUTPUT CONTROLS
6. ACCESS CONTROL IN APPLICATIONS
6.1 AUTHENTICATION
6.2 AUTHORIZATION
6.3 CRYPTOGRAPHY
7. PLATFORMS, LANGUAGES AND TOOLS
8. SECURE PROGRAMMING TECHNIQUES
9. PROTECTION OF APPLICATION TEST DATA
10. PROTECTION AND RETENTION OF SOURCE CODE
11. OUTSOURCED SOFTWARE DEVELOPMENT
12. APPLICATION MONITORING AND LOGGING
13. COMPLIANCE
14. EXCEPTIONS
15. FINAL CONSIDERATIONS
15.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
15.2 DOCUMENT REVISION
Pages: 13