top of page

SecAware materials

SecAware logo

3½-page policy template on securing the development and acquisition of IT systems.


The development and acquisition processes must ensure that IT systems developed in house or acquired from third parties incorporate suitable information security controls to mitigate unacceptable information risks. 


Valuable information associated with the systems development and acquisition process (such as specifications and designs, source code and more) must also be secured.


Supplied as an MS Word document, readily customised for your organisation's specific situation.

IT systems development and acquisition security policy

bottom of page