Talk:Policy Frameworks

Jump to: navigation, search

Shouldn't in the following line: "Many of the controls within OWASP Guide 2.0 are influenced by requirements of national standards or control frameworks such as COBIT; typically controls selected out of OWASP will satisfy relevant ISO 17799 and COBIT controls." OWASP Guide 2.0 be replaced with OWASP Guide 3.0?


Paragraph 2.1 states "Each of the four domains has 13 high level objectives"

As far as I can tell, this is wrong. COBIT has a total of 34 high level objectives, distributed like this:

   * Plan and Organize: 10
   * Acquire and Implement: 7
   * Deliver and Support: 13
   * Monitor and Evaluate: 4