Guest user Created: Jun 12, 2019 Last commented: Jun 12, 2019

Secure Development Policy

I am looking at implementing a Secure Development Policy. Our ISO 27001 pack contains:

0 0

Assign topic to the user

Select user

Rhand Leal Jun 12, 2019

- A.14_Secure_Development_Policy_Premium_EN
- A.14.1_Appendix_1_Specification_of_Information_System_Requirements_Pre mium_EN
This refers to various controls A.14.2.x which are not in the pack which are also referenced from https://advisera.com/27001academy/blog/2018/04/24/how-to-use-open-web-application-security-project-owasp-for-iso-27001/ which was posted last year. How do I get access to these, please?

Answer:

If you note on section 2 (Reference Documents) of the Secure Development Policy, except for control A.14.2.4 (Restrictions on changes to software packages) all other controls mentioned in the article are covered by this policy. These are the control from ISO 27001 covered by this policy: A.14.1.2, A.14.1.3, A.14.2.1, A.14.2.2, A.14.2.5, A.14.2.6, A.14.2.7, A.14.2.8, A.14.2.9 and A.14.3.1

Control A.14.2.4 is covered by template Security Procedures for IT Department, located in folder 08_Annex_A_Security_Controls A.12_Operations_Security

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 12, 2019

Expert Advice Community