1: Security Responsibility and Resources

Control objective 1

Security Responsibility and Resources

The software vendor’s senior leadership team establishes formal responsibility and authority for the security of the software vendor’s products and services. The software vendor allocates resources to execute the strategy and ensure that personnel are appropriately skilled.

Roles for all responsibilities are assigned to IBM® Safer Payments team members. To obtain the list of all responsible persons, request it from your account manager.

Control objective 1.3

Software development personnel maintain skills in software security matters relevant to their specific role, responsibility, and job function.

The developers of IBM Safer Payments are provided with training materials about secure coding technologies and how to use them. Each IBM Safer Payments developer must undergo secure coding training at least annually.