Fork me on GitHub

Culture and Org. -> Education and Guidance: Security consulting on request

Risk and Opportunity

Risk: Not asking a security expert when questions regarding security appear might lead to flaws.
Opportunity: Security consulting to teams is given on request. The security consultants can be internal or external.

Exploit details

Usefullness: Medium
Required knowledge: Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low

OWASP SAMM 1 Mapping: EG2-B
ISO27001:2017 Controls Mapping: