Testing and Documentation
One of the most neglected areas of software development security policies is the area of testing and documentation. Both are important components of software development, but they have security implications. A comprehensive testing plan can help find a number of problems before they go into production. However, proper documentation can assist testers in understanding what is being tested. Therefore, these policies should start with the requirement for testing and documentation. A simple statement can say
All custom development shall be tested and documented before being installed into the production environment.
It is important to note that this statement is establishing the requirement, not the type of testing or ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access