Security in acquisition, development, and maintenance of network and information systems

Glesys establishes security requirements and controls for systems throughout their lifecycle, including development and operational maintenance.

System lifecycle control: Systems are acquired, classified, assigned owners, documented, reviewed, and decommissioned in a controlled manner.
Secure development practices: Separation of environments, secure coding standards, version control, security testing (e.g., static analysis), and controls for outsourced development.
Controlled changes: Changes are recorded, risk-assessed, approved, validated, and reviewed to reduce security and stability risks.

Last updated 17 days ago

Was this helpful?