From the course: CSSLP Cert Prep: 2 Secure Software Requirements
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Legal, regulatory, and industry
From the course: CSSLP Cert Prep: 2 Secure Software Requirements
Legal, regulatory, and industry
- [Instructor] Your internal policies are a great place to start when building out your list of software security requirements, but you don't want to stop there. You should also consider the influence of external requirements on your software security efforts. Generally speaking, those external requirements are likely to fall into one of three categories. While these categories are similar in the fact that they're all external to your organization, each one has its own nuances. Those categories are legal, regulatory, and industry. Legal requirements are those defined by federal, state, or local governments. The requirements tend to be broadly applicable based on where your organization operates, and they often revolve around certain data types. The Sarbanes-Oxley Act of 2002, or SOX, was designed to ensure transparency and accountability for publicly traded companies in the US. Any company who sells stock has to prove at…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.