16.1: Establish and Maintain a Secure Application DevelopmentĀ Process
CSF v1.1 References:
PF v1.0 References:
Previous Version:
- Critical Security Controls Version 7.1:
- 18.1: Establish Secure Coding Practices
Control Statement
Establish and maintain a secure application development process. In the process, address such items as: secure application design standards, secure coding practices, developer training, vulnerability management, security of third-party code, and application security testing procedures. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]