Making the change: Moving to a Secure Development Life Cycle
For one client, we implemented a change process to take them from a traditional development approach to a better Secure Development Life Cycle (SDLC), which helps plan ahead for technology and controls changes. We assessed this change for them against leading market practices and relevant regulatory requirements.
As part of our work, we conducted a complete review of their processes and their program for future development. We also analyzed the root causes of a recent security data breach they had experienced, and how they had responded to the incident. We therefore recommended various improvements to their SDLC controls.