UnixTime

Research Note

Security Acceptance Criteria Checklist

Use this checklist to define the security conditions that must be met before a system is accepted for operational use.

On this page

When to use this

Use this checklist to define the security conditions that must be met before a system is accepted for operational use.

Criteria checklist

  • Security requirements tested.
  • Access controls tested.
  • Defective input and error handling tested.
  • Regression tests completed.
  • Security controls tested.
  • Vulnerabilities remediated or risk-accepted.
  • Logging and monitoring verified.
  • User/security training completed where needed.
  • Operations readiness confirmed.
  • Final acceptance authority defined.