Secure System Engineering Policy

The management team at CrowdComms understands that principles for engineering secure systems should be established, documented, maintained and applied to any information system implementation effort. To this end CrowdComms has produced this Secure System Engineering Policy, aligned to the requirements of ISO/IEC 27001:2013 to ensure that the company:

Produces principles that will be applied to in-house information system engineering activities.

Ensure that security is designed into all architecture layers, balancing the need of security with that of accessibility

Ensures that new technology is analysed for security risks.

Ensures that design is reviewed against known attack patterns.

Ensures principles are reviewed to ensure their effectiveness in contributing to enhanced standards of security within the engineering process.

Ensure principles are reviewed to ensure they remain up-to-date in terms of any new potential threats and advances in technology.

Ensure all software is designed, built and tested in accordance with the OWASP standard

Search Results