Fedramp system Security Plan (ssp) High Baseline Template


SA-11 Developer Security Testing and Evaluation (M) (H)



Download 1.2 Mb.
Page376/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   372   373   374   375   376   377   378   379   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

SA-11 Developer Security Testing and Evaluation (M) (H)


The organization requires the developer of the information system, system component, or information system service to:

  1. Create and implement a security assessment plan;

  2. Perform [Selection (one or more): unit; integration; system; regression] testing/evaluation at [Assignment: organization-defined depth and coverage];

  3. Produce evidence of the execution of the security assessment plan and the results of the security testing/evaluation;

  4. Implement a verifiable flaw remediation process; and

  5. Correct flaws identified during security testing/evaluation.



SA-11


Download 1.2 Mb.

Share with your friends:
1   ...   372   373   374   375   376   377   378   379   ...   478



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy