Application Security Assessment

Does your organization participate in application development or do you contract with third-party application developers to create software used by your organization.

An Application Security Assessment is focused on the following four areas of application security:

• Application Purpose and Architecture
• Application Development and Testing
• Application Level User Management Practices
• Business Continuity Management

Partial Application Security Assessment Guide

THIS GUIDE ONLY SERVES AS A SAMPLE TO GIVE THE READER A GENERAL INDICATION OF DEPTH AND SCOPE.

The actual number, type, and purpose of the questions used in the assessment are dictated by the interviews and other information gathering exercises.

Application Overview

This section is intended to provide information regarding the various aspects of the applications that are utilized to process information on behalf of our client. Only applications used to process client data need to be reviewed. The application overview should start with an introductory paragraph stating the service(s) provided by the client and the application(s) leveraged to provide that service(s).

Following the introductory paragraph, specific details should be provided in bulleted format under appropriate headings. Details should include operating systems, software platforms, application support, application interfaces, application management, and application business continuity planning. Provided below are appropriate headings with the types of information which would go under each heading.

• Application Purpose and Architecture:
• Application Development and Testing:
• Application Level User Management Practices:
• Business Continuity Planning:

[...]



Click here for our Assessment Methodology


Contact us for more information or to request a quote.