ISOR:Applicatieontwikkeling Overzicht van applicatieontwikkeling objecten ingedeeld naar BUC: verschil tussen versies
Naar navigatie springen
Naar zoeken springen
k (1 versie: ISOR Applicatieontwikkeling) |
k (code-fix; overbodige spaties weggehaald) |
||
| Regel 1: | Regel 1: | ||
<noinclude>{{ISOR tabel bij|BIO Thema Applicatieontwikkeling}}</noinclude> | <noinclude>{{ISOR tabel bij|BIO Thema Applicatieontwikkeling}}</noinclude> | ||
<table class="wikitable"> | <table class="wikitable"> | ||
<tr> | <tr> | ||
<th></th> | <th></th> | ||
<th> | <th>Nr</th> | ||
<th> | <th>Objecten</th> | ||
<th> | <th>Referentie</th> | ||
<th> | <th>IFGS</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Beleid domein</td> | <td>Beleid domein</td> | ||
<td> | <td>B 01</td> | ||
<td> | <td>Beleid voor (beveiligd)ontwikkelen</td> | ||
<td> | <td>ISO27002: 14.2.1</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B 02</td> | ||
<td> | <td>Systeem ontwikkelmethode</td> | ||
<td> | <td>SoGP</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B 03</td> | ||
<td> | <td>Classificatie vaninformatie</td> | ||
<td> | <td>ISO27002: 8.2.1</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B.04</td> | ||
<td> | <td>Engineeringprincipes voor beveiligdesystemen</td> | ||
<td> | <td>ISO27002: 14.2.5</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B.05</td> | ||
<td> | <td>Business Impact analyse(BIA)</td> | ||
<td> | <td>SoGP/IR2.2</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B.06</td> | ||
<td> | <td>Privacy en bescherming persoonsgegevens(GEB/PIA)</td> | ||
<td> | <td>CIP Domeingroep BIO,ISO27002:18.2.4</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B 07</td> | ||
<td> | <td>Kwaliteit managementsysteem</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B 08</td> | ||
<td> | <td>Toegangbeveiliging opprogrammacode</td> | ||
<td> | <td>ISO27002: 9.4.5</td> | ||
<td> | <td>G</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>B.09</td> | ||
<td> | <td>Projectorganisatie</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>S</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>Nr</td> | ||
<td> | <td>Objecten</td> | ||
<td> | <td>Referentie</td> | ||
<td> | <td>IFGS</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Uitvoering domein</td> | <td>Uitvoering domein</td> | ||
<td> | <td>U.01</td> | ||
<td> | <td>Procedures voorwijzigingbeheer m.b.t. applicaties en systemen</td> | ||
<td> | <td>ISO27002: 14.2.2</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.02</td> | ||
<td> | <td>Beperkingen voor deinstallatie van software (richtlijnen)</td> | ||
<td> | <td>ISO27002: 12.6.2</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.03</td> | ||
<td> | <td>Richtlijnen voor programmacode(best practices)</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.04</td> | ||
<td> | <td>Analyse en specificatievan informatiesystemen</td> | ||
<td> | <td>Cobit</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.05</td> | ||
<td> | <td>Analyse en specificatievan informatiebeveiligingseisen</td> | ||
<td> | <td>ISO27002:14.1.1</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.06</td> | ||
<td> | <td>Applicatie ontwerp</td> | ||
<td> | <td>SoGP</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.07</td> | ||
<td> | <td>Applicatiefunctionaliteiten(invoer, verwerking, uitvoer)</td> | ||
<td> | <td>ISO27002:12.2.1, 12.2.2,1.2.2.4, BIR 1.0</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.08</td> | ||
<td> | <td>Applicatiebouw</td> | ||
<td> | <td>SoGP</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.09</td> | ||
<td> | <td>Testen vansysteembeveiliging</td> | ||
<td> | <td>ISO27002:14.2.8</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.10</td> | ||
<td> | <td>Systeemacceptatie tests</td> | ||
<td> | <td>ISO27002:14.2.9</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.11</td> | ||
<td> | <td>Beschermen vantestgegevens</td> | ||
<td> | <td>ISO27002:14.3.1</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.12</td> | ||
<td> | <td>Beveiligde Ontwikkel- (enTest-)omgeving</td> | ||
<td> | <td>ISO27002: 14.2.6</td> | ||
<td> | <td>G</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.13</td> | ||
<td> | <td>Applicatiekoppelingen</td> | ||
<td> | <td>CIP Domeingroep BIO,ISO25010,NIST CA</td> | ||
<td> | <td>G</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.14</td> | ||
<td> | <td>Logging en monitoring</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>G</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.15</td> | ||
<td> | <td>Applicatie architectuur</td> | ||
<td> | <td>CIP Domeingroep BIO,ISO25010</td> | ||
<td> | <td>S</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>U.16</td> | ||
<td> | <td>Tooling ontwikkelmethode</td> | ||
<td> | <td>CIP Domeingroep BIO,ISO25010</td> | ||
<td> | <td>S</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>Nr</td> | ||
<td> | <td>Objecten</td> | ||
<td> | <td>Referentie</td> | ||
<td> | <td>IFGS</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Control domein</td> | <td>Control domein</td> | ||
<td> | <td>C.01</td> | ||
<td> | <td>Richtlijnen evaluatie ontwikkelactiviteiten</td> | ||
<td> | <td>CIP Domeingroep BIO,ISO27002: 12.6.1</td> | ||
<td> | <td>I</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.02</td> | ||
<td> | <td>Versiebeheer</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.03</td> | ||
<td> | <td>Patchmanagement van externeprogrammacode</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.04</td> | ||
<td> | <td>(Software)configuratie beheer</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.05</td> | ||
<td> | <td>Quality assurance</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.06</td> | ||
<td> | <td>Compliance management</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.07</td> | ||
<td> | <td>Technische beoordeling vaninformatiesystemen na wijziging besturingsplatform</td> | ||
<td> | <td>ISO27002: 14.2.3</td> | ||
<td> | <td>F</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td></td> | <td></td> | ||
<td> | <td>C.08</td> | ||
<td> | <td>Beheersing vansoftwareontwikkeling(sprojecten</td> | ||
<td> | <td>CIP Domeingroep BIO</td> | ||
<td> | <td>S</td> | ||
</tr> | </tr> | ||
<caption align="bottom">Applicatieontwikkeling, Overzicht objecten ingedeeld naar BUC</caption></table> | <caption align="bottom">Applicatieontwikkeling, Overzicht objecten ingedeeld naar BUC</caption></table> | ||
Versie van 15 mei 2019 15:12
- Dit is een tabel bij BIO Thema-uitwerking Applicatieontwikkeling
| Nr | Objecten | Referentie | IFGS | |
|---|---|---|---|---|
| Beleid domein | B 01 | Beleid voor (beveiligd)ontwikkelen | ISO27002: 14.2.1 | I |
| B 02 | Systeem ontwikkelmethode | SoGP | I | |
| B 03 | Classificatie vaninformatie | ISO27002: 8.2.1 | I | |
| B.04 | Engineeringprincipes voor beveiligdesystemen | ISO27002: 14.2.5 | I | |
| B.05 | Business Impact analyse(BIA) | SoGP/IR2.2 | I | |
| B.06 | Privacy en bescherming persoonsgegevens(GEB/PIA) | CIP Domeingroep BIO,ISO27002:18.2.4 | I | |
| B 07 | Kwaliteit managementsysteem | CIP Domeingroep BIO | F | |
| B 08 | Toegangbeveiliging opprogrammacode | ISO27002: 9.4.5 | G | |
| B.09 | Projectorganisatie | CIP Domeingroep BIO | S | |
| Nr | Objecten | Referentie | IFGS | |
| Uitvoering domein | U.01 | Procedures voorwijzigingbeheer m.b.t. applicaties en systemen | ISO27002: 14.2.2 | I |
| U.02 | Beperkingen voor deinstallatie van software (richtlijnen) | ISO27002: 12.6.2 | I | |
| U.03 | Richtlijnen voor programmacode(best practices) | CIP Domeingroep BIO | I | |
| U.04 | Analyse en specificatievan informatiesystemen | Cobit | F | |
| U.05 | Analyse en specificatievan informatiebeveiligingseisen | ISO27002:14.1.1 | F | |
| U.06 | Applicatie ontwerp | SoGP | F | |
| U.07 | Applicatiefunctionaliteiten(invoer, verwerking, uitvoer) | ISO27002:12.2.1, 12.2.2,1.2.2.4, BIR 1.0 | F | |
| U.08 | Applicatiebouw | SoGP | F | |
| U.09 | Testen vansysteembeveiliging | ISO27002:14.2.8 | F | |
| U.10 | Systeemacceptatie tests | ISO27002:14.2.9 | F | |
| U.11 | Beschermen vantestgegevens | ISO27002:14.3.1 | F | |
| U.12 | Beveiligde Ontwikkel- (enTest-)omgeving | ISO27002: 14.2.6 | G | |
| U.13 | Applicatiekoppelingen | CIP Domeingroep BIO,ISO25010,NIST CA | G | |
| U.14 | Logging en monitoring | CIP Domeingroep BIO | G | |
| U.15 | Applicatie architectuur | CIP Domeingroep BIO,ISO25010 | S | |
| U.16 | Tooling ontwikkelmethode | CIP Domeingroep BIO,ISO25010 | S | |
| Nr | Objecten | Referentie | IFGS | |
| Control domein | C.01 | Richtlijnen evaluatie ontwikkelactiviteiten | CIP Domeingroep BIO,ISO27002: 12.6.1 | I |
| C.02 | Versiebeheer | CIP Domeingroep BIO | F | |
| C.03 | Patchmanagement van externeprogrammacode | CIP Domeingroep BIO | F | |
| C.04 | (Software)configuratie beheer | CIP Domeingroep BIO | F | |
| C.05 | Quality assurance | CIP Domeingroep BIO | F | |
| C.06 | Compliance management | CIP Domeingroep BIO | F | |
| C.07 | Technische beoordeling vaninformatiesystemen na wijziging besturingsplatform | ISO27002: 14.2.3 | F | |
| C.08 | Beheersing vansoftwareontwikkeling(sprojecten | CIP Domeingroep BIO | S |