OCC Bulletin 2008-16: A Blueprint for Compliance

This whitepaper outlines how these limitations can be overcome by following five best practices that institutions can use to secure their applications. The whitepaper also offers insights on how to:
- Mitigate risk from commercial software, outsourced development, and contracted software for both internal and web-facing applications
- Create best practices for securing internal and third party code
- Define security standards with software vendors - including FREE sample outsourcing and COTS contracting language