http://cyfun.data.gift/data/requirement_PR_PS_06_3

Concept

http://cyfun.data.gift/data/subcategory_PR.PS-06
- External link
- Internal link

Properties and relations

Direct links from the subject.

Property	Value
type The subject is an instance of a class. External link Internal link	http://cyfun.data.gift/ontology#Requirement External link Internal link
type The subject is an instance of a class. External link Internal link	Concept An idea or notion; a unit of thought. External link Internal link
label A human-readable name for the subject. External link Internal link	PR.PS-06.3: Secure software development practices shall be integrated into all phases of the software development lifecycle, and their effectiveness should be regularly moni- tored and improved.
http://cyfun.data.gift/ontology#requirementId External link Internal link	PR.PS-06.3
http://cyfun.data.gift/ontology#foundIn External link Internal link	http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p128 External link Internal link
has broader Relates a concept to a concept that is more general in meaning. External link Internal link	http://cyfun.data.gift/data/subcategory_PR.PS-06 External link Internal link
note A general note, for any purpose. External link Internal link	The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should: - Plan the Test Scenario - Security threats to systems, assets, processes, and people should be identified. - Planned configuration changes or system modifications should be analysed for their potential impact on security. - Prepare the Test Environment - Test data should reflect realistic operational scenarios. - Hardware, software, and network requirements should be clearly defined. - The test environment should closely mirror the production environment in setup and configuration. - Sufficient disk space should be allocated for testing activities. - Software versions in the test environment should match those in production. - Ensure Security and Maintainability - Software in the test environment should be regularly updated to address known vulnerabilities. - Virtualisation or containerisation should be used to create consistent and replicable environments. - Isolated virtual machines (VMs) should be used to prevent interference with operational systems. - Security controls such as firewalls and access restrictions should be implemented in the test environment.
note A general note, for any purpose. External link Internal link	The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should: - Plan the Test Scenario - Security threats to systems, assets, processes, and people should be identified. - Planned configuration changes or system modifications should be analysed for their potential impact on security. - Prepare the Test Environment - Test data should reflect realistic operational scenarios. - Hardware, software, and network requirements should be clearly defined. - The test environment should closely mirror the production environment in setup and configuration. - Sufficient disk space should be allocated for testing activities. - Software versions in the test environment should match those in production. - Ensure Security and Maintainability - Software in the test environment should be regularly updated to address known vulnerabilities. - Virtualisation or containerisation should be used to create consistent and replicable environments. - Isolated virtual machines (VMs) should be used to prevent interference with operational systems. - Security controls such as firewalls and access restrictions should be implemented in the test environment.
note A general note, for any purpose. External link Internal link	The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should: • Plan the Test Scenario o Security threats to systems, assets, processes, and people should be identified. o Planned configuration changes or system modifications should be analysed for their potential impact on security. • Prepare the Test Environment o Test data should reflect realistic operational scenarios. o Hardware, software, and network requirements should be clearly defined. o The test environment should closely mirror the production environment in setup and configuration. o Sufficient disk space should be allocated for testing activities. o Software versions in the test environment should match those in production. • Ensure Security and Maintainability o Software in the test environment should be regularly updated to address known vulnerabilities. o Virtualisation or containerisation should be used to create consistent and replicable environments. o Isolated virtual machines (VMs) should be used to prevent interference with operational systems. o Security controls such as firewalls and access restrictions should be implemented in the test environment.
note A general note, for any purpose. External link Internal link	<div><p>The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should:</p><ul><li>Plan the Test Scenario<ul><li>Security threats to systems, assets, processes, and people should be identified.</li><li>Planned configuration changes or system modifications should be analysed for their potential impact on security.</li></ul></li><li>Prepare the Test Environment<ul><li>Test data should reflect realistic operational scenarios.</li><li>Hardware, software, and network requirements should be clearly defined.</li><li>The test environment should closely mirror the production environment in setup and configuration.</li><li>Sufficient disk space should be allocated for testing activities.</li><li>Software versions in the test environment should match those in production.</li></ul></li><li>Ensure Security and Maintainability<ul><li>Software in the test environment should be regularly updated to address known vulnerabilities.</li><li>Virtualisation or containerisation should be used to create consistent and replicable environments.</li><li>Isolated virtual machines (VMs) should be used to prevent interference with operational systems.</li><li>Security controls such as firewalls and access restrictions should be implemented in the test environment.</li></ul></li></ul></div>
notation A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. External link Internal link	PR.PS-06.3
alternative label skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. External link Internal link	Secure software development practices
preferred label A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. External link Internal link	Secure software development practices shall be integrated into all phases of the software development lifecycle, and their effectiveness should be regularly moni- tored and improved.
is in scheme Relates a resource (for example a concept) to a concept scheme in which it is included. External link Internal link	http://cyfun.data.gift/data/CyFun2025 External link Internal link
is in scheme Relates a resource (for example a concept) to a concept scheme in which it is included. External link Internal link	http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL External link Internal link
is in scheme Relates a resource (for example a concept) to a concept scheme in which it is included. External link Internal link	http://cyfun.data.gift/data/CyFun2025_ESSENTIAL External link Internal link
http://cyfun.data.gift/ontology#level External link Internal link	http://cyfun.data.gift/data/level_ESSENTIAL External link Internal link
triple count The number of triples associated with the subject. External link Internal link	17
in dataset Specifies the dataset the subject is part of. External link Internal link	http://data.gift/d/datasets/69E8863AA6CE46D9ACD13109 External link Internal link

type

The subject is an instance of a class.

http://cyfun.data.gift/ontology#Requirement

type

The subject is an instance of a class.

Concept

An idea or notion; a unit of thought.

label

A human-readable name for the subject.

PR.PS-06.3: Secure software development practices shall be integrated into all phases of the software development lifecycle, and their effectiveness should be regularly moni- tored and improved.

http://cyfun.data.gift/ontology#requirementId

PR.PS-06.3

http://cyfun.data.gift/ontology#foundIn

http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p128

has broader

Relates a concept to a concept that is more general in meaning.

http://cyfun.data.gift/data/subcategory_PR.PS-06

note

A general note, for any purpose.

The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should: - Plan the Test Scenario - Security threats to systems, assets, processes, and people should be identified. - Planned configuration changes or system modifications should be analysed for their potential impact on security. - Prepare the Test Environment - Test data should reflect realistic operational scenarios. - Hardware, software, and network requirements should be clearly defined. - The test environment should closely mirror the production environment in setup and configuration. - Sufficient disk space should be allocated for testing activities. - Software versions in the test environment should match those in production. - Ensure Security and Maintainability - Software in the test environment should be regularly updated to address known vulnerabilities. - Virtualisation or containerisation should be used to create consistent and replicable environments. - Isolated virtual machines (VMs) should be used to prevent interference with operational systems. - Security controls such as firewalls and access restrictions should be implemented in the test environment.

note

A general note, for any purpose.

note

A general note, for any purpose.

The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should: • Plan the Test Scenario o Security threats to systems, assets, processes, and people should be identified. o Planned configuration changes or system modifications should be analysed for their potential impact on security. • Prepare the Test Environment o Test data should reflect realistic operational scenarios. o Hardware, software, and network requirements should be clearly defined. o The test environment should closely mirror the production environment in setup and configuration. o Sufficient disk space should be allocated for testing activities. o Software versions in the test environment should match those in production. • Ensure Security and Maintainability o Software in the test environment should be regularly updated to address known vulnerabilities. o Virtualisation or containerisation should be used to create consistent and replicable environments. o Isolated virtual machines (VMs) should be used to prevent interference with operational systems. o Security controls such as firewalls and access restrictions should be implemented in the test environment.

note

A general note, for any purpose.

<div><p>The goal of this control is to prevent unintended security risks by testing planned changes to critical systems in a controlled environment before deployment. To achieve this goal, the organisation should:</p><ul><li>Plan the Test Scenario<ul><li>Security threats to systems, assets, processes, and people should be identified.</li><li>Planned configuration changes or system modifications should be analysed for their potential impact on security.</li></ul></li><li>Prepare the Test Environment<ul><li>Test data should reflect realistic operational scenarios.</li><li>Hardware, software, and network requirements should be clearly defined.</li><li>The test environment should closely mirror the production environment in setup and configuration.</li><li>Sufficient disk space should be allocated for testing activities.</li><li>Software versions in the test environment should match those in production.</li></ul></li><li>Ensure Security and Maintainability<ul><li>Software in the test environment should be regularly updated to address known vulnerabilities.</li><li>Virtualisation or containerisation should be used to create consistent and replicable environments.</li><li>Isolated virtual machines (VMs) should be used to prevent interference with operational systems.</li><li>Security controls such as firewalls and access restrictions should be implemented in the test environment.</li></ul></li></ul></div>

notation

A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme.

PR.PS-06.3

alternative label

skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties.

Secure software development practices

preferred label

A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag.

Secure software development practices shall be integrated into all phases of the software development lifecycle, and their effectiveness should be regularly moni- tored and improved.

is in scheme

Relates a resource (for example a concept) to a concept scheme in which it is included.

http://cyfun.data.gift/data/CyFun2025

is in scheme

Relates a resource (for example a concept) to a concept scheme in which it is included.

http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL

is in scheme

Relates a resource (for example a concept) to a concept scheme in which it is included.

http://cyfun.data.gift/data/CyFun2025_ESSENTIAL

http://cyfun.data.gift/ontology#level

http://cyfun.data.gift/data/level_ESSENTIAL

triple count

The number of triples associated with the subject.

in dataset

Specifies the dataset the subject is part of.

http://data.gift/d/datasets/69E8863AA6CE46D9ACD13109

References

Inverse links to the subject.

Property	Subject
http://cyfun.data.gift/ontology#hasRequirement External link Internal link	http://cyfun.data.gift/data/subcategory_PR.PS-06 External link Internal link
has narrower Relates a concept to a concept that is more specific in meaning. External link Internal link	http://cyfun.data.gift/data/subcategory_PR.PS-06 External link Internal link

http://cyfun.data.gift/ontology#hasRequirement

http://cyfun.data.gift/data/subcategory_PR.PS-06

has narrower

Relates a concept to a concept that is more specific in meaning.

http://cyfun.data.gift/data/subcategory_PR.PS-06

http://cyfun.data.gift/data/requirement_PR_PS_06_3

other concept-schemes 3

broader concepts 1

Properties and relations

References