Last Updated on August 15, 2021 by Admin 2
What oversight should the information security team have in the change management process for application security?
- Information security should be aware of any significant application security changes and work with developer to test for vulnerabilities before changes are deployed in production
- Information security should be aware of all application changes and work with developers before changes and deployed in production
- Information security should be informed of changes to applications only
- Development team should tell the information security team about any application security flaws