Skip to main content
  • This page, Secure System and Software Lifecycle Management Standard, is offered by
Advisory

Secure System and Software Lifecycle Management Standard

Date: 10/05/2018
Organization: Cybersecurity and Enterprise Risk Management
Referenced Sources: MGL Chapter 7D, Section 2

The Secure System and Software Lifecycle Management Standard establishes requirements for identifying controls to be incorporated in system and software planning, design, building, testing and implementation.

Contact

Cybersecurity and Enterprise Risk Management

Online

Cybersecurity questions: CommonwealthCISO@mass.gov
Risk management questions: ERM@mass.gov
Report cybersecurity or data breach: eotss-soc@mass.gov
Skip table of contents

Table of Contents

Purpose

The Secure System and Software Lifecycle Management Standard establishes requirements for controls that shall be incorporated in system and software planning, design, building, testing, and implementation, including:

  • Information security activities that shall occur during the system and software development life cycle.
  • Required controls for supporting system or software development processes such as segregation of environments, prevention and/or protection of confidential production data in test environments.
  • The use of version control for software development.
  • Requirements for security hardening when building and configuring systems and applications.

Downloads

IS.014 Secure System and Software Lifecycle Management Standard (PDF 233.62 KB)

Contact

Online

Cybersecurity questions: CommonwealthCISO@mass.gov
Risk management questions: ERM@mass.gov
Report cybersecurity or data breach: eotss-soc@mass.gov
Referenced Sources:
MGL Chapter 7D, Section 2
Feedback