Fedramp system Security Plan (ssp) High Baseline Template


SA-11 Developer Security Testing and Evaluation (M) (H)



Download 1.2 Mb.
Page376/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   372   373   374   375   376   377   378   379   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

SA-11 Developer Security Testing and Evaluation (M) (H)


The organization requires the developer of the information system, system component, or information system service to:

  1. Create and implement a security assessment plan;

  2. Perform [Selection (one or more): unit; integration; system; regression] testing/evaluation at [Assignment: organization-defined depth and coverage];

  3. Produce evidence of the execution of the security assessment plan and the results of the security testing/evaluation;

  4. Implement a verifiable flaw remediation process; and

  5. Correct flaws identified during security testing/evaluation.



SA-11


Download 1.2 Mb.

Share with your friends:
1   ...   372   373   374   375   376   377   378   379   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page