The following is a transcription of the VA Network Security Operations Center (NSOC) Code Review Questionnaire received Nov 2013
Application Name:
Version:
Developers:
List all developers
IconList all developers who contributed to the mobile application's (App) code base. The VA's Fortify license agreement is based on the developers who contributed to the application being scanned.
First Name | Last Name | Email Address |
|---|---|---|
Projected Start Date for code review:
Desired End Date for code review:
Milestones dependent on the code review:
Previous code reviews
IconBelow, enter details about previous code scans. How did you fix identified problems? List any security control libraries, frameworks and application programming interfaces (APIs) used to make the repairs.
Describe previous code review scans, if any:
______________
List the application's primary code languages:
Build tools
IconBelow, list the build tools and their versions. For example, Ant 1.9.2
List the the App's build tools:
Number of code lines
IconBelow, enter the approximate number of code lines to help us estimate the review effort. In the following line, enter the number of files in the code package.
Enter the App's approximate number of lines of code: ______________
Enter the number of files in the App: ___________________
Planned Development Life cycle
IconTo help us prepare for future code reviews of this product, describe its expected life cycle. If it is a new product, will it need more code reviews during pending development cycles? Will there be multiple releases of this App?
Describe whether this is a new App or a legacy App, and the application's expected life cycle:
Printer-friendly version
