Guest
Interpretation of A.14.2 : Security in development and support processes
Some BPO (call center) companies exclude all controls of A.14.2 thinking that this set of controls is only for software development organizations. I am of the opinion that development is applicable to design of services and solutions in non-software service organizations too.
Which view is correct?
Assign topic to the user
ISO 27001 SECURE DEVELOPMENT POLICY
Basic rules for secure development of software and systems.
Get it now 
ISO 27001 SECURE DEVELOPMENT POLICY
Basic rules for secure development of software and systems.
Get it now
ISO 27001 SECURE DEVELOPMENT POLICY
Basic rules for secure development of software and systems.
Get it now
Sub-section A.14.2 (Security in development and support processes) applies to any kind of development: software or other type. However, the controls in this sub-section suggest that this development must be related to information systems. So you might have some kind of a development of new products in your systems which do not require any software development.
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016