In part 11 of your technical, 'Data privacy and security', you only talk about privacy but not security.
How could you be sure the information of the users is safe? It would help if you talked about security audits that should be done for the application.
Which frequency?
What is the scope?
What are the responsible parties?
...
What happens if there is an incident?
What are the steps to be taken?
What is the communication plan?
What are the remediation steps?
...
Severity
High (Immediate attention needed)
Version
1.01
Expected Correction
Some research should be done on the security of the users.
The team should be aware of what to do in case of a technological incident to act as fast as possible
Description
In part 11 of your technical, 'Data privacy and security', you only talk about privacy but not security.
How could you be sure the information of the users is safe? It would help if you talked about security audits that should be done for the application.
What happens if there is an incident?
Severity
Version
1.01
Expected Correction
Some research should be done on the security of the users. The team should be aware of what to do in case of a technological incident to act as fast as possible
Other Details
No response