Fork me on GitHub

Culture and Organization -> Education and Guidance: Regular security training for externals

Risk and Opportunity

Risk: Understanding security is hard.
Opportunity: Provide security awareness training for all personnel including externals involved in software development on a regular basis.

Additional Information

Implementation hints

Usefulness and Requirements of this Activity

Usefullness: High
Required knowledge: Medium (two disciplines)
Required time: Low
Required resources (systems): Medium

OWASP SAMM VERSION 2

ISO27001 2017