This standard documents the security requirements for Company’s Application Security and Development.
The objectives of this document are to:
a. Provide a statement of intent describing how standards for Application Security and Development will be implemented
b. Identify the roles, systems and equipment to which the standard applies
c. Define the key steps that support the implementation of this standard
This standard is aligned to Company’s Systems Management Policy and must be applied to all applications written and developed for the Company.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. APPLICATIONS SECURITY
3.1 USER ACCOUNTS
3.2 CRYPTOGRAPHY SERVICE
3.3 APPLICATION AUDIT LOGS
3.4 USER AUTHENTICATION
3.5 APPLICATION CONTROL
3.6 DATA BACKUP & RECOVERY
3.7 APPLICATION MANAGEMENT STANDARDS
3.8 APPLICATION DESIGN
3.9 APPLICATION VULNERABILITY
3.10 APPLICATION CONFIGURATION
3.11 RELEASE MANAGEMENT
3.12 APPLICATION TESTING
3.13 APPLICATION MAINTENANCE
3.14 WEB SERVICES SECURITY
3.15 INTERNET PROTOCOL (IPV6)
5. FINAL CONSIDERATIONS
5.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
5.2 DOCUMENT REVISION
This bundle contains all the products listed in the Program Development and Change Management section. Take advantage of the 25% OFF when buying the bundle!
This standard documents the security requirements for Vulnerability Management within the Company. Vulnerability management must be applied to all Company systems.
The Public Cloud Security Standard (the Standard) establishes security requirements and controls to maintain the Confidentiality, integrity, and availability of the Company’s data in the public cloud.