
PDP-13 Secure coding practice


What is this control about?

Secure coding practice – Each organization must have a coding practice to securely deploy changes to production. This practice must be documented and made available to all employees. It can be documented within the change policy or as a standalone document, and there is no formal or specific requirement for the documentation.

Available tools in the marketplace

No tool recommendations for this section.

Available templates

TrustCloud has a curated list of internally or externally sourced templates to help you get started. Click the link for a downloadable version:

  • Secure coding practice template example

Control implementation

Define and document a procedure that gives step-by-step guidance for secure coding.

What evidence do auditors look for?

Most auditors, at a minimum, look for the suggested action below:

  • Provide the most up-to-date secure coding plan.

Evidence example

From the suggested action above, an example is provided below.

  1. Provide the most up-to-date secure coding plan.

TrustCloud example – Agile process documented within the development process

Secure coding practice

