OWASP / samm

SAMM stands for Software Assurance Maturity Model.

"review" instead of "audit" (Slack input) #101

Closed SebaDele closed 5 years ago

SebaDele commented 5 years ago

https://owasp.slack.com/archives/C0VF1EJGH/p1553270328032500

Consider using the word "review" instead of the word "audit" in certain practices/guidance areas, as audit has a very specific meaning to many in security. Audits typically refer to official inspections performed by independent bodies, and in many cases, I believe the "audits" referenced in SAMM would occur but not be conducted by an external auditor.

Pat-Duarte commented 5 years ago

Added to the writing guidelines