Greetings SC-L folks, I don't participate in standards bodies, so I'm not very familiar with their inner workings and such. However, a colleague has pointed me to an ISO standard under development that will describe an application security development process.
I visited the site (http://www.iso27001security.com/html/27034.html) and didn't find much in the way of documentation, other than a list of really ambitious plans for the future. So my question here is this: anyone here involved in this standards effort? If so, would you mind sharing with us a high level overview of where they are in their efforts and when the world is likely to start seeing output from the effort? Much appreciated. Cheers, Ken ----- Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com Follow us on Twitter at: http://twitter.com/KRvW_Associates
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________