Application Security Standard

Application Security Standard

The objective of the Application Security Standard is to identify the minimum security requirements for applications implemented by the Company, to reduce the risk of security incidents caused by security weaknesses of applications that adversely affect the confidentiality, integrity, and/or availability of Company applications and data. Also, this Secure Application Development Standard will:

a. reduce the risk of security incidents caused by security weaknesses of applications that adversely affect the confidentiality, integrity, and/or availability of Company applications and data

b. provide a security-related standard for application assessment and risk analysis

 

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. APPLICATION SECURITY ASSESSMENTS
4. APPLICATION LIFECYCLE
4.1 APPLICATION SECURITY DESIGN REVIEW AND ANALYSIS
4.2 APPLICATION REALIZATION AND TESTING
4.3 PRE-IMPLEMENTATION CONTROLS
4.4 POST-IMPLEMENTATION CONTROLS
5. CORRECT PROCESSING IN APPLICATIONS
5.1 EXTERNALLY-FACING APPLICATIONS
5.2 INPUT DATA VALIDATION
5.3 CONTROL OF PROCESSING
5.4 OUTPUT CONTROLS
6. ACCESS CONTROL IN APPLICATIONS
6.1 AUTHENTICATION
6.2 AUTHORIZATION
6.3 CRYPTOGRAPHY
7. PLATFORMS, LANGUAGES AND TOOLS
8. SECURE PROGRAMMING TECHNIQUES
9. PROTECTION OF APPLICATION TEST DATA
10. PROTECTION AND RETENTION OF SOURCE CODE
11. OUTSOURCED SOFTWARE DEVELOPMENT
12. APPLICATION MONITORING AND LOGGING
13. COMPLIANCE
14. EXCEPTIONS
15. FINAL CONSIDERATIONS
15.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
15.2 DOCUMENT REVISION

Pages: 13

Review Application Security Standard.

Related Products:

€1,049.99

Purchase

This bundle contains all the products listed in the Program Development and Change Management section. Take advantage of the 25% OFF when buying the bundle!

€49.99

Purchase

Adequate Capacity Management Policy must be defined and implemented at the Company, in order to be possible to correctly monitor the performance of the existing or future Company systems, to forecast their future evolution and identify possible bottlenecks.

€49.99

Purchase

This standard documents the security requirements for Wireless solutions within the Company.

Get  Your Free Sample

Please use the form below to subscribe to our list and receive a free procedure template!
GET YOUR FREE TEMPLATE
>
close-link