Fork me on GitHub

CultureAndOrganization -> Education and Guidance: Regular security training of security champions

Risk and Opportunity

Risk: Understanding security is hard, even for security champions.
Opportunity: Regular security training of security champions.
Evidence: - Process Documentation: TODO - Training Content: TOODO

Usefulness and Requirements of this Activitiy

Usefullness: Very High
Required knowledge: High (two disciplines)
Required time: Low
Required resources (systems): Low

Additional Information

Dependencies: Each team has a security champion
Implementation hints:

OWASP SAMM VERSION 2

ISO27001 2017