Application Security Review and Testing Audit Work Program
Subscriber Content
Conducting an Application Security Review and Testing Audit: Two Sample Audit Programs
Application security is an important point of focus for many companies worldwide. It involves checking the security controls of an application, not the operating system or device that hosts the application. The security review is directly related to the applications that have been custom developed or built on top of other commercial applications. Application security testing does not involve looking at hosting software such as the web servers, but rather focuses on the application software itself.
This tool contains two sample audit programs that provide steps organizations can take to facilitate an application security review and testing audit.