Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools

Trace:
wiki:policies:dev

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
wiki:policies:dev [2023/03/31 20:19]
kholub 		wiki:policies:dev [2024/01/25 23:02] (current)
katcow
Line 33: Line 33:
 === Supplier Adherence to SDLC === === Supplier Adherence to SDLC ===
  
-Nested Knowledge employees develop all application code. External platforms (e.g. AWS) may provide architecture, orchestrate deployment of, and execute application code. External libraries (e.g. OSS) are consumed by application code as modules. External platforms and libraries are verified with the following:+Nested Knowledge employees develop all application code. External platforms (e.g. AWS) may provide architecture, orchestrate deployment of, and execute application code. External libraries (e.g. OSS) are consumed by application code as modules. External providers offer data to code, most typically in the form of an API. External platforms, providers, and libraries are verified with the following:
  
   * A review of technical documentation   * A review of technical documentation
Line 93: Line 93:
  
 Our [[https://wiki.nested-knowledge.com/doku.php?id=wiki:policies:disaster#application_profile|application profile]] in the Business Continuity Plan describes the criticality of software applications used by Nested Knowledge employees on employee-owned devices. Our [[https://wiki.nested-knowledge.com/doku.php?id=wiki:policies:disaster#application_profile|application profile]] in the Business Continuity Plan describes the criticality of software applications used by Nested Knowledge employees on employee-owned devices.
- 
-At this time, Nested Knowledge does not issue personal computers or mobile devices to employees or contractors. 
  
 ====== Vulnerability and Patch Management ====== ====== Vulnerability and Patch Management ======
Line 120: Line 118:
 === Revision History === === Revision History ===
  
-This policy will be reviewed on an annual basis. The next review will be completed by October 30, 2022.+This policy will be updated at least on an annual basis or when a signficant change occurs.
  
 ^Author^Date of Revision/Review^Comments/Description| ^Author^Date of Revision/Review^Comments/Description|
-|K. Cowie|12/17/2021|Minor Revisions to Secure Development Policy|+|K. Cowie|01/24/2023|Reviewed|
 |K. Holub|03/30/2023|Updating vulnerability scanning to include SecurityScorecard| |K. Holub|03/30/2023|Updating vulnerability scanning to include SecurityScorecard|
 |K. Kallmes|11/19/2021|Draft approved| |K. Kallmes|11/19/2021|Draft approved|
wiki/policies/dev.1680293961.txt.gz ยท Last modified: 2023/03/31 20:19 by kholub

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki