Developer Security Testing

class

Management

family

System and Services Acquisition

number

SA-11

priority

P2

impact

MODERATE_HIGH

The organization requires that information system developers/integrators, in consultation with associated security personnel (including security engineers): Create and implement a security test and evaluation plan; Implement a verifiable flaw remediation process to correct weaknesses and deficiencies identified during the security testing and evaluation process; and Document the results of the security testing/evaluation and flaw remediation processes.

Comments