I was asked to author a formal code review policy document. It was to meet PCI requirements, but I have no idea what such a document might look like or include. Are there any examples of such a document?
A:
WindowsSecurity.com has a white paper you can download: "Passing PCI Compliance Section 6.6: Code Reviews and Application Firewalls"
Patrick Cuff
2008-12-05 21:39:01