Abstract
The purpose of this research project is to prepare a report on software assurance and
security. The research assumes the role of Chief Information Security Officer for a
mid-size software development company. It is important to understand the role and what it
entails. The research explains the importance of the role, what the officer does, and the
officer's tasks, along with methods to implement them. The research provides methods,
standards, and best practices related to developing secure software. It focuses on the
information security program in a mid-size software development company, which includes
securing various assets of the organization: the applications used in the organization,
the systems used in the workplace, and the technology implemented across the
organization. With this research we will find why it is important to implement secure software
development methods. It will show what doing so entails and why there is a business case for it.
We will review the findings of our research, which include a summary of secure software
development best practices, standards, requirements, and methods. This research will include
recommendations and comments regarding what steps to take to ensure the software
development organization is developing secure and safe software.