This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

CPWE-ID: 12

From OWASP

Revision as of 20:26, 30 August 2012 by Deleted user (talk | contribs) (→‎Insufficient Program Resources)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Insufficient Program Resources

Description

The software development organization or organizational unit has started an application security program, but the resources allocated to support the program (people, tools, or a combination thereof) are not sufficient, the initiative is either not funded or under-funded.

Common Causes

This weakness typically occurs in situations where there is no executive-level application security evangelist.

Common Consequences

Prior to a Cyber Incident - Delayed program adoption
During and After a Cyber Incident - Unknown business risk; impaired incident response

Severity

Critical - This must be addressed immediately.

Other CPWE

CISO Cheat Sheet

Retrieved from "https://wiki.owasp.org/index.php?title=CPWE-ID:_12&oldid=135138"