Showing posts with the label implement security controls

ISO 27001 Annex : A.14.2 Security in Development and Support Processes

Its objective is ensuring the creation and implementation of information security in the information system development process.

A.14.2.1 Secure Development Policy

Control - Regulations for software and system development should be laid down and applied to organizational developments.

Implementation Guidance - Secure development includes a safe infrastructure, architecture, software, and system to be developed. The following considerations should be taken into account in a stable technology policy: environmental development security; security guidelines for the life cycle of software development: security in the methodology for software development; secure guidelines on code for each language of programming used; design-phase protection requirements; security control points within the milestones of the project; secure repositories; version control security...