Information Security Governance Papers
Paper Title | Developmental Security Test and Evaluation |
---|---|
The Abstract of The Paper |
Test security controls developed for a new information system or product for proper and effective operation. Some types of security controls (primarily those controls of a nontechnical nature) cannot be tested and evaluated until the information system is deployed; these controls are typically management and operational controls.
Develop test plan/script/scenarios. |
Web Link | http://csrc.nist.gov/publications/nistpubs/800-100/SP800-100-Mar07-2007.pdf |