At what stage of the applications development process should the security department initially become involved?

At what stage of the applications development process should the security department initially become involved?
A . When requested
B . At testing
C . At programming
D . At detail requirements

View Answer

Answer: D

Explanation:

Information security has to be integrated into the requirements of the application’s design. It should also be part of the information security governance of the organization. The application owner may not make a timely request for security involvement. It is too late during systems testing, since the requirements have already been agreed upon. Code reviews are part of the final quality assurance process.