Software Security and Quality Assurance (SSQA) Level 1 Security Standard
Achieving the Minimum Standards Expected for Software Security and Quality Assurance
Last Updated August 2022
Introduction
An ever-increasing reliance upon digital services and technology coupled with the ongoing discovery of weaknesses which threaten the confidentiality, integrity and availability of digital services and data presents an ongoing challenge for organizations and governments worldwide.
It is therefore important to make sure that the software applications used by these entities are as secure as possible, by ensuring that security has been considered within development or procurement efforts and by also ensuring that such concerns are considered as part of outsourced development efforts by third-parties.
Secure development is a practice to ensure that the code and processes that go into developing applications are as secure as possible.
Secure development practices consider security during each development phase or stage, regardless of chosen development methodology.
Within the context of software security, secure development considers the application of secure coding practices to transform the traditional Software Development Lifecycle (SDL) into a Secure Software Development Lifecycle (SSDL).