Software Security Code of Practice - Implementation Guidance - NCSC.GOV.UK
Cookies on this site
We use some essential cookies to make this website work.
We’d like to set additional cookies to understand how you use our website so we can improve our services.
Accept optional cookies
Reject optional cookies
Manage Cookies (opens in a new tab)
Written for
This section shows the list of targeted audiences that the article is written for
Close
guidance
Copied to clipboard
Share
Software Security Code of Practice - Implementation Guidance
Helps technology vendors to develop solutions that demonstrate conformance with the Software Security Code of Practice.
Invalid DateTime
PAGE 1 OF 7
Change
Software Security Code of Practice - Implementation Guidance
PAGE 1 OF 7
monsitj via Getty Images
This guidance helps organisations that develop and/or sell software to understand how they can meet the principles in the Software Security Code of Practice, a systemic intervention by the UK government, designed to ensure that security is ‘baked into’ software, rather than a costed extra.
For the purposes of demonstrating conformance with the principles in the Code of Practice, suggested approaches are expressed as outcome-related claims in the associated Assurance Principles and Claims (APC) document.
This implementation guidance is designed to help vendors develop solutions that will clearly support the evidencing of these claims, and thus demonstrate conformance with the Code of Practice.
Next page
About the Software Security Code of Practice
Back to top
