TACTICAL is an acronym to remember the format to layout a Requirement.

* Tag: “Security/Transport/SSL” * Action: “Improve Security by ensuring all communication between tiers is protected by SSL.” * Classification: “Security. Tamperability” * Test: “Access to the system via http should not be allowed” * Information: (Rational/Reources/References/Recommendations) * Context/Exceptions: “Applicable to server components providing web pages and APIs accessible via HTTP”. * Allowances: “Requests via HTTP can be 302 redirected to the same url, with an HTTPS protocol.”

It's good – but note that the acronym has the following issues: * Which one should be the Name: Tag, or Action? * Classification would be better if it could be before Action

  • /home/skysigal/public_html/data/pages/it/ad/tactical/home.txt
  • Last modified: 2023/11/04 03:32
  • by