| Expand | ||
|---|---|---|
| ||
Does your organisation control access to program source code in a secure manner? Yes, we use GitHub. More information: https://commonplace.atlassian.net/l/cp/JdezF0MC |
| Expand | ||
|---|---|---|
| ||
Does your organisation have a documented and approved software development life-cycle (SDLC) process that includes security input? Yes, in summary the stages are: Planning -> Defining -> Designing -> Building -> Testing -> Deployment. Security input exists at all stages, starting with a risk assessment at planning stage. |
...