iso control a14 - by software outsourcing company in india
TRANSCRIPT
ISO 27001 - Control A14 – System acquisition, development and maintenance
This will include following
A 14 System acquisition, development
A 14.1 Security requirements of information systemsA 14.2 Security in development and support processesA 14.3 Test Data
Topics covered
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
Objective: To ensure that information security is an integral part of information system across the entire lifecycle. This includes the requirements for information systems which provides services over public networks.
A 14.1 Security Requirements of information system
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
A 14.1 includes:
A 14.1.1: Information security requirements analysis and specificationA 14.1.2: Security application services on public networksA 14.1.3: Protecting application services transactions
A 14.1 continue…
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
A 14.1.1 Information security requirements analysis and specification
Control: The information security related requirements shall be included in the requirements for the new information systems or enhancements to the existing information systems.
A 14.1 continue…
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
A 14.1.2 Security application services on public networks
Control: Information involved in application services passing over public networks shall be protected from fraudulent activity, contact dispute and unauthorized disclosure and modification.
A 14.1 continue…
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
A 14.1.3 Protecting application service transactions
Control: Information involved in application service transaction shall be protected to prevent incomplete transmission, mis-routing, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or replay.
A 14.1 continue…
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
A 14.3 Test data
Objective: To ensure protection of data used for testing.
Which includes:A 14.3.1 Protection of test data
A 14.3 Test Ddata
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
A 14.3.1 Protection of test data
Control: Test data shall be selected carefully, protected and controlled.
A 14.3 Continue…
Ecommerce solution providers in Indiahttp://www.ifourtechnolab.com
https://spaces.internet2.edu/display/2014infosecurityguide/System+Acquisition,+Development,+and+Maintenance
http://www.quotium.com/resources/application-security-iso27001-compliance-seeker-can-help/
References
http://www.ifourtechnolab.com
http://www.ifour-consultancy.comhttp://www.ifourtechnolab.com
For more details..
http://www.ifourtechnolab.com