PO: Prepare the Organization

Organizations should ensure that their people, processes, and technology are prepared to perform secure software development at the organization level.

Practices

• PO.1: Define Security Requirements for Software Development
• PO.2: Implement Roles and Responsibilities
• PO.3: Implement Supporting Toolchains
• PO.4: Define and Use Criteria for Software Security Checks
• PO.5: Implement and Maintain Secure Environments for Software Development
• PO.6: Define and Implement a Continuous Process Improvement Plan