๐ผ A.14 System acquisition, development and maintenance
- Contextual name: ๐ผ A.14 System acquisition, development and maintenance
- ID:
/frameworks/iso-iec-27001-2013/14 - Located in: ๐ผ ISO/IEC 27001:2013
Descriptionโ
Empty...
Similarโ
- Internal
- ID:
dec-b-cc5a8093
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| ๐ผ A.14.1 Security requirements of information systems | 3 | |||
| ย ย ย ย ๐ผ A.14.1.1 Information security requirements analysis and specification | 6 | 6 | ||
| ย ย ย ย ๐ผ A.14.1.2 Securing application services on public networks | 4 | 4 | ||
| ย ย ย ย ๐ผ A.14.1.3 Protecting application services transactions | 7 | 8 | ||
| ๐ผ A.14.2 Security in development and support processes | 9 | |||
| ย ย ย ย ๐ผ A.14.2.1 Secure development policy | ||||
| ย ย ย ย ๐ผ A.14.2.2 System change control procedures | ||||
| ย ย ย ย ๐ผ A.14.2.3 Technical review of applications after operating platform changes | ||||
| ย ย ย ย ๐ผ A.14.2.4 Restrictions on changes to software packages | ||||
| ย ย ย ย ๐ผ A.14.2.5 Secure system engineering principles | ||||
| ย ย ย ย ๐ผ A.14.2.6 Secure development environment | ||||
| ย ย ย ย ๐ผ A.14.2.7 Outsourced development | ||||
| ย ย ย ย ๐ผ A.14.2.8 System security testing | ||||
| ย ย ย ย ๐ผ A.14.2.9 System acceptance testing | ||||
| ๐ผ A.14.3 Test data | 1 | |||
| ย ย ย ย ๐ผ A.14.3.1 Protection of test data |