💼 A.14 System acquisition, development and maintenance
- Contextual name: 💼 A.14 System acquisition, development and maintenance
- ID:
/frameworks/iso-iec-27001-2013/14 - Located in: 💼 ISO/IEC 27001:2013
Description​
Empty...
Similar​
- Internal
- ID:
dec-b-cc5a8093
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 A.14.1 Security requirements of information systems | 3 | |||
|     💼 A.14.1.1 Information security requirements analysis and specification | 6 | 6 | ||
|     💼 A.14.1.2 Securing application services on public networks | 5 | 5 | ||
|     💼 A.14.1.3 Protecting application services transactions | 10 | 14 | ||
| 💼 A.14.2 Security in development and support processes | 9 | |||
|     💼 A.14.2.1 Secure development policy | ||||
|     💼 A.14.2.2 System change control procedures | ||||
|     💼 A.14.2.3 Technical review of applications after operating platform changes | ||||
|     💼 A.14.2.4 Restrictions on changes to software packages | ||||
|     💼 A.14.2.5 Secure system engineering principles | ||||
|     💼 A.14.2.6 Secure development environment | ||||
|     💼 A.14.2.7 Outsourced development | ||||
|     💼 A.14.2.8 System security testing | ||||
|     💼 A.14.2.9 System acceptance testing | ||||
| 💼 A.14.3 Test data | 1 | |||
|     💼 A.14.3.1 Protection of test data |