UCF STIG Viewer Logo

Prior to each release of the application, updates to system, or applying patches; tests plans and procedures must be created and executed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-222644 APSC-DV-003130 SV-222644r864426_rule Low
Description
Without test plans and procedures for application releases or updates, unexpected results may occur which could lead to a denial of service to the application or components. This requirement is meant to apply to developers or organizations that are doing development work when releasing a version update or a patch to the application.
STIG Date
Application Security and Development Security Technical Implementation Guide 2022-09-21

Details

Check Text ( C-24314r493840_chk )
If the review is not being done with the developer of the application, this requirement is not applicable.

Ask the application representative to provide tests plans, procedures, and results to ensure they are updated for each application release or updates to system patches.

If test plans, procedures, and results do not exist, or are not updated for each application release, this is a finding.
Fix Text (F-24303r493841_fix)
Execute tests plans prior to release or patch update.