Codes & Standards - Purchase

CSA EXP200:19

Evaluation of software development and cybersecurity programs

SKU: 2427640 Published by CSA Group Publication Year 2019 29 pages Withdrawn

Product Details

Preface/Scope

Preface

This is the first edition of CSA EXP 200, Evaluation of software development and cybersecurity programs. This Express Document is not a consensus product; that is, it is not a standard, and it has not been formally reviewed or approved by a CSA Technical Committee.

The purpose of this Express Document is to provide guidance on the development of a method to evaluate the software development practices and the related cybersecurity practices of an organization that is producing products for the Internet of Things (IoT) product space.

Governments, businesses, and consumers are looking to the rapid adoption of IoT products and services to automate tasks and provide efficiencies in many market areas. While these technologies can dramatically advance the capabilities of those users and businesses, they pose a potential cyber and privacy risk to the end user. The end user is typically under the assumption that these products have undergone some level of security testing and evaluation. This includes these products pose no direct risk to them nor their businesses. However, given the significant increase in purpose-built malware for IoT and related products including the sizable increase of botnet activity of weaponized devices, many products/services would indicate that many of these products have not been designed or tested for security.

Scope

1.1

This Document describes a methodology for assessing the product software and cybersecurity maturity of an organization. It provides the evaluators and vendors a means to determine the maturity of the organization and products/solutions being developed regardless of business sector. It covers the entire product system life cycle from conception to full commissioning and on to end of life. Its premise is an effective executive business decision to establish a comprehensive maturity model approach to cybersecurity

This Document applies to all IoT and related products/solutions.

1.2

In this Document, shall is used to express a requirement, i.e., a provision that the user is obliged to satisfy in order to comply with the document; should is used to express a recommendation or that which is advised but not required; and may is used to express an option or that which is permissible within the limits of the Document.

Notes accompanying clauses do not include requirements or alternative requirements; the purpose a note accompanying a clause is to separate from the text explanatory or informative material.

Notes to tables and figures are considered part of the table or figure and may be written as requirements.

Annexes are designated normative (mandatory) or informative (non-mandatory) to define their application.

Request Copyright Permissions

GST REG No R119441681
QST REG No R1006017360

Features	CSA Advantage^TM	CSA OnDemand^TM
Offline access
Full-text search
Create highlights and personal notes
Newest editions added automatically
Includes all supported languages and archive versions
My Files - create customized files by adding multiple clauses, tables or figures from the standard into your own personal File for quick reference
Toggle between your files and the full standard to maintain context
Instantly preview cross referenced material within the book
Export personal notes to Excel
Transfer notes and highlights when updates are available
Adobe Reader PDF and browser compatible for iOS and Android
Web, Android, iOS Compatible

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

en

fr

Catalogue

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Subscription

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

Services

en

fr

Codes & Standards - Purchase

CSA EXP200:19

Product Details

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

Language

en

fr

Currency

CAD

USD

Catalogue

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Subscription

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

Services

Language

en

fr

Currency

CAD

USD

Search Section

Codes & Standards - Purchase

CSA EXP200:19

Product Details