What is the Enterprise Application Security Program?
The Enterprise Application Security Program is a new program developed by the Information Security Office within ISS to address the need to build and maintain security within each phase of the systems development lifecycle (SDLC).
Why is GW implementing
the Application Security Program?
When is GW implementing the Application Security Program?
The Enterprise Application Security Program is being rolled out in two Phases. Phase I will go into production on June 1, 2008 and will address initiation, requirements, design, and testing phases of the software development lifecycle. Phase II will be rolled out in late 2008-early 2009.
Which groups within GW are impacted by the Application Security Program?
- Departments within ISS Such as the PMO, AMO, Enterprise Resource Planning Operations, University Web Services, Change Management, Technical Operations, Academic Technologies, and Technical Services
- Departments external to ISS that may be impacted include: FEET, Compliance and Privacy Office, Registrar, Internal Audit. Medical Center, Law School, and General Counsel.
Who are the points of contact for the Application Security Program and where do I get additional Information?
Questions can be directed to AppSec@gwu.edu or to the Chief Security Officer, Krizi Trivisani at 703-726-4412.
Files to Download
Baseline Security Requirements by Tier level
Coding Standards and Best Practices