The purpose of this policy is to define the way in which FundApps addresses information security in project management.
Information Security must be addressed for all FundApps projects in scope of this policy.
FundApps projects must include information security requirements.
An information security risk assessment must be conducted at an early stage of the project to identify necessary controls.
Information security must be applied to all the phases of the applied project methodology.
The product manager is responsible for ensuring the project complies with this policy. The Information Security Lead is responsible for ensuring this policy is aligned to FundApps' business objectives.
This policy applies to all FundApps projects that have a potential for impacting FundApps Information System or FundApps data as defined in the .