GOST R "Information Security. Development of Secure Software. Conformity Assessment Methodology". It describes a number of standard procedures for verifying the compliance of software development organizations with the requirements of GOST R 56939.
This modified SecAgile methodology made it possible to solve the following current problems of secure software development:
aimed at reducing the number of vulnerabilities in the software being developed and their applicability when conducting software conformity assessment;
to form a basic set of requirements for the development of secure software, allowing for an assessment of the compliance of processes with these requirements;
to develop a methodology for the substantiated formation of a set of measures for the development of secure software.
It should be noted that the recommendations of GOST R ISO/IEC 27034-1 can also be used to form measures and means for monitoring and managing software security, and the recommendations of GOST R ISO/IEC 15408-3 can be used to specify and expand the components of trust.
Conclusion
In practice, the use of the adapted SecAgile methodology allows:
define the characteristics of the development for secure digital platforms;
make a reasonable selection of processes, tasks and works from the nomenclature of GOST R ISO/IEC 12207, taking into account the characteristics of the development environment, as well as the requirements for the relevant digital platforms;
clarify the list of tasks and works, taking into account the proposed nomenclature of measures for the development of secure digital platforms from GOST R 56939;
document decisions on the implementation of selected processes, tasks and activities, as well as the corresponding justifications for the selected decisions.
It is significant that this allows the following two main scenarios to be implemented:
declaration of conformity: in this case, the developer of the digital platform must implement all the measures proposed in the GOST R 56939 standard and create the corresponding certificates;
using the GOST R 56939 standard as recommendations for increasing the level of security of the digital platform: in this case, the software developer can select a subset of measures to be implemented.
Assess the adequacy of measures