A security analyst has been asked to perform a review of an organizations software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of
another developers code.
Which of the following assessment techniques is BEST described in the analysts report?
A. Architecture evaluation
B. Baseline reporting
C. Whitebox testing
D. Peer review