When to use this
Use this checklist to verify that a project or development team follows secure development rules.
Related controls
Checklist
- Secure development standard identified.
- Developers trained.
- Secure code review performed.
- Dependency scanning performed.
- Secrets handling checked.
- Vulnerability findings tracked.
- Third-party code assessed.
- Release gates applied.
- Noncompliances assigned and followed up.
Review record
| Project/team | Standard used | Review date | Findings | Action owner | Due date |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | TBD | TBD |
- Template
- Iso27001
- Technological controls
- Secure development
Note Metadata
Aliases: Secure SDLC Compliance Checklist
Source: 90 Templates/Secure Development Compliance Review Checklist.md
Related Notes
- A.8.25 Audit Evidence Pack
- ISO 27001 A.8.25 - Secure Development Life Cycle
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.25 Audit Checklist
- Secure Development Policy
- Templates MOC