https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-sa-11_-developer-security-testing-and-evaluation/4/NIST SP 800-53 r4 Security Control SA-11: Developer Security Testing and Evaluation4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-11: Developer Security Testing and Evaluation. Applicable to MODERATE impact and HIGH impact systems.2021-04-26T00:00:00.000ZfalseThis document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/TMIPRIMARYhelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/800-53Developer Security TestingEvaluationHighModerateNISTP1SecurityServices AcquisitionSystemhttps://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---flaw-correction/1.0/1Developer Security Testing And Evaluation - Flaw Correction1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to correct flaws identified during security testing/evaluation.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---regression-testing/1.0/2Developer Security Testing And Evaluation - Regression Testing1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform regression testing/evaluation at an organization-defined level of depth and coverage.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---unit-testing/1.0/3Developer Security Testing And Evaluation - Unit Testing1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform unit testing/evaluation at an organization-defined level of depth and coverage.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---integration-testing/1.0/4Developer Security Testing And Evaluation - Integration Testing1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform integration testing/evaluation at an organization-defined level of depth and coverage.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---implement-security-assessment-plan/1.0/5Developer Security Testing And Evaluation - Implement Security Assessment Plan1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to implement a security assessment plan.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---create-security-assessment-plan/1.0/6Developer Security Testing And Evaluation - Create Security Assessment Plan1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to create a security assessment plan.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---flaw-remediation-process/1.0/7Developer Security Testing And Evaluation - Flaw Remediation Process1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to implement a verifiable flaw remediation process.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---security-assessment-plan-execution/1.0/8Developer Security Testing And Evaluation - Security Assessment Plan Execution1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to produce evidence of the execution of the security assessment plan.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---system-testing/1.0/9Developer Security Testing And Evaluation - System Testing1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform system testing/evaluation at an organization-defined level of depth and coverage.https://artifacts.trustmarkinitiative.org/lib/tds/developer-security-testing-and-evaluation---results-of-security-testing/1.0/10Developer Security Testing And Evaluation - Results of Security Testing1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to produce the results of the security testing/evaluation.SP800-53R4NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at <a href="http://dx.doi.org/10.6028/NIST.SP.800-53r4">http://dx.doi.org/10.6028/NIST.SP.800-53r4</a>.