Controlling Software Code during Software Development

Although many systems are based upon standard package software, many organisations nevertheless continue to develop software, either as maintenance of a legacy system, or because their needs are unique and competitive advantage is gained by their specialised capability. As a result, even relatively small organisations can find themselves managing a team of 'development' staff. The following topic identifies some of the key Information Security issues and actions to help avoid such risks.

To view the related Policy click      

  • Insufficient testing of new software can often result in errors which disrupt your operational systems.

  • 'Bench testing' of code must observe agreed standards.
  • Before going 'live', software must be tested according to agreed standards.
  • Errors in code (bugs), should be formally recorded and actioned.
  • During testing, source code must be controlled and remain unavailable to programmers.
  • Where software coding standards have not been agreed, on going maintenance can become onerous because the structure of the code is inconsistent.

  • You should develop and agree organisational standards for programmers.
  • Always document the code to explain the logic of the main routines.
  • All code should undergo Peer Review to maintain quality and standards.
  • Withdraw code that has been reviewed (and agreed) to prevent any further modifications.
Previous PageTop of this pageNext Page

Information Security Policies from US$595

 From
 US$595

For further information about the RUsecure interactive security policies, visit Information Security Policy World
Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
Sponsor: ISO 17799 Directory
This site created with EasyHTMLHelp(tm) for MS Word

 

Next PageUpPrevious Page