Canada Luggage Depot - Secure SDLC
Document Control

0. Document Control #

Title: Software Development Life Cycle (SDLC) Policy

Document ID: CLD-SDLC

Version: 1.0 (Get approval for this version with Nova)

Status: Draft

Effective Date: [YYYY-MM-DD]

Next Review Date: [YYYY-MM-DD]

Review Cycle: Annual

Owner (Policy): Information Security Officer (ISO) — Mary Mouradian

Primary Contact: privacy@canadaluggagedepot.ca

Applicability

  • This policy applies to all software and configuration developed by third parties on behalf of CLD, and to any significant configuration/customization of SaaS platforms used by CLD.

Distribution

  • Executive Team; ISO; Product/Process Owners; Vendor Management; IT Operations; Legal/Privacy; Security Architecture; Procurement; relevant third-party vendors under NDA.

Related Documents

  • CLD Information Security Policy (CLD-ISP)

  • Access Control Policy (CLD-ACP)

  • Incident Response Policy (CLD-IRP)

  • Threat & Vulnerability Management Policy (CLD-VMP)

TODO (Suggestions for related documents) #

  • Logging & Monitoring Standard

  • Password & Authentication Standard

  • Privileged Access Management Standard

  • Remote Access Standard

  • Joiner/Mover/Leaver Procedure

  • Change & Configuration Management Standar0. Document Control

Confidentiality Notice

  • This document contains CLD internal information. Unauthorized disclosure, copying, or distribution is prohibited.

Approvals

  • ISO/Policy Owner: ******____****** Date: **____**

  • Executive Sponsor/Approver: **___** Date: **____**