Developing Secure Products and Systems

Question 1

Who brides the gap between standards & their implementation?

Answer 1

ISA Security Compliance Institute (ISCI)

Question 2

What are the goals of product SDLC?

Answer 2

1 - To provide a product framework addressing:
A) Secure by design
B) Defense in-depth approach while
designing.
C) Building
D) Maintaining
E) Retiring.

2 - Support meeting products overall Capability Security Level SL (C)

3 - The secondary goal is to align
A) Development Process
B) Needs Of Industrial Users.
C) Security configs and patch management policies & procedures.
D) Communication about uncovered product security vulnerabilities.