SID-OPS-08 — Secure Development Lifecycle

Property	Value
Owner	platform
Category	process
CSF Function	protect
Group	Operational Controls

Description

Documented secure SDLC: threat modeling, secure coding guidelines, code review policy, security testing requirements.

Source References

• compliance/policies/sdlc-policy.md

Framework Requirements

EUDI Security Requirements: CS-I.2-Dev, CS-I.3-WI

FitCEM Wallet Instance: FIT-CS-01, FIT-NF-07, FIT-NF-09

ISO 27001 Annex A: A.5.8, A.8.4, A.8.25, A.8.29, A.8.31, A.8.33, A.8.34

OWASP ASVS 4.0.3 Level 3: V1.1, V1.11, V11.1, V14.1