When the time comes to test the security deliverables of a project, who better to do this than the security experts?...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Sure we've heard that the information security team needs to be involved in a development since its inception. We've also heard that "checklists" for what needs to be complied with could help the developers ensure all the security "features" have been considered.
But you can prevent more than a headache -- and possibly a "no-go" implementation decision -- if the security team reviews the test script when the code is ready for testing. After all, who knows more about the required security compliance than the information security experts? They may not be able to tell how to do something for any technology used in the department, but they can definitely say what needs to be there.
Ensuring information security experts are in the loop also will prevent miscommunication.
So, when the time comes to test what you've built, remember to involve the security team if there are security-related deliverables or requirements.