UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Test Manager will ensure security flaws are fixed or addressed in the project plan.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16832 APP5110 SV-17832r1_rule DCSQ-1 Medium
Description
If security flaws are not tracked, they may possibly be forgotten to be included in a release. Tracking flaws in the project plan will help identify code elements to be changed as well as the requested change.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-17831r1_chk )
Ask the application representative to demonstrate how security flaws are integrated into the project plan.

If the application is a COTS/GOTS product or is composed of only COTS/GOTS products with no custom code, this check does not apply unless the application is being reviewed by or in conjunction with the COTS/GOTS vendor in which case this check is applicable.

1) If security flaws are not addressed in the project plan or there is no process to introduce security flaws into the project plan, it is a finding.
Fix Text (F-17149r1_fix)
Address security flaws in the project plan.