Software Security Assurance: A Framework for Software Vulnerability Management and Audit
Announcing a New Software Security Audit Framework


Software Security Assurance. Enterprises must institute a process for managing and auditing software risks.

With 94% of IT security risks coming from software¹, it is imperative that enterprises assess, measure, and manage their software risk. This significant new guidance from one of the most trusted names in information assurance and auditing outlines the processes, controls, and tools needed to ask the right questions and get the right answers about software risk. Highlights include:

Executive Summary: a brief outline for the CXO of the organizational imperatives and action items to understand risk from software

Auditor’s Checklist: a detailed description of a software security assurance audit program and internal control questionnaire

Compliance Matrices: an at-a-glance cross-reference of the applicability of software security assurance to the major regulatory compliance frameworks

 
         
 



About the Author
Charles H. Le Grand, CIA, CISA, the founder of CHL Global Associates, has more than 30 years' experience addressing the most critical technology issues facing the auditing profession. For many years he led the Institute of Internal Auditors’ headquarters staff in addressing IT issues and applying solutions, pioneering many of IIA’s landmark research projects and audit guides.

CHL Global Associates provides information security and reliability services in association with the best available technology management, security, control, risk management, auditing, assurance, and governance advisers and experts. To learn more, visit us at: www.CHLGlobalAssociates.com.

About Ounce Labs, Inc.
Ounce Labs™, the leader in software security assurance, delivers products that enable customers to manage software risk in applications across the enterprise, traceable down to individual lines of code. The Ounce solution features patents-pending source code analysis technology, which scans source code to pinpoint programming errors, design flaws, and policy violations. Ounce offers the most accurate and complete software vulnerability results, the fastest time-to-results, the only complete application portfolio management, and the greatest deployment flexibility. Customers using the Ounce software security solution include leading organizations in financial services, telecommunications, software development, government, and other industries focused on protecting data, reducing software vulnerabilities, and complying with industry regulations. Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. For more information, please visit www.ouncelabs.com.

¹National Institute of Standards and Technology, http://icat.nist.gov/icat_documentation.htm

Once you have completed your download, please use your Ounce Labs ID to access any of our other in-depth security publications in our Library.
