At what stage of the applications development process should the security department initially
become involved?
A.
When requested
B.
At testing
C.
At programming
D.
At detail requirements
Explanation:
Information security has to be integrated into the requirements of the application’s design. It
should also be part of the information security governance of the organization. The application
owner may not make a timely request for security involvement. It is too late during systems testing,
since the requirements have already been agreed upon. Code reviews are part of the final quality
assurance process.