- To ensure security is built into operational systems
- To prevent loss, modification or misuse of user data in application systems
- To protect the confidentiality, authenticity and integrity of information
- To ensure IT projects and support activities are conducted in a secure manner
- To maintain the security of application system software and data

Security in application systems should include:
- data input validation
- control of internal processing, including definition of areas of risk and of checks and controls
- message authentication
- output data validation

Cryptographic controls should include:
- appropriate policy
- appropriate encryption techniques
- appropriate digital signature techniques
- non-repudiation services
- key management
- protection of keys
- standards, procedures and methods

Security of system files should include:
- control of operational software
- control of access to the program source code library

Security in development and support must have in place:
- change control procedures
- a technical review of operating system changes
- restrictions on changes to software packages
- control over outsourced software development
Newstaff Inc.