LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Obtaining security approval to operate

Obtaining security approval to operate

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Start my 1-month free trial Buy for my team

Obtaining security approval to operate

“

- [Instructor] Shifting from deployment to operations isn't just a technical process, it involves communication and management sign-off as well. You'll want to build processes that enable you to obtain the security approval needed to operate your application and production. ISC2 uses a specific term for the security approval, Authorization to Operate. Yes, you'll have your hands full with all of the technical security details that constitute the secure deployment of an application. But remember, the business is less concerned with security than they are with risk. You'll want to brief one or more of the senior leaders of your organization on your application and your deployment plans, so they can weigh that information against how this new application might impact the overall risk that the organization is currently managing. By enabling them to make well-informed decisions about those risks, you're enabling them to determine whether or not those risks are reasonable or whether the…

Contents