olemus
ISO/IEC 27034-7:
prognoosi põhjendus, mida toetavad
rakenduse omaniku kinnitusega riskianalüüsi dokumendid;
põhjenduse kasutamine nõuab rakenduse omaniku kinnitust
ja põhjendusjuhiste viimist normikomisjonis
rakenduse turvameetmetesse;
kõiki põhjendusega seotud andmeid
hoitakse rakenduse normkarkassis
=
rationale for a prediction, supported by risk analysis documents, approved by the application owner, explaining that performing the verification activities of a specific Application Security Control is not necessary
Note. Use of PASR requires approval of both application owner and the inclusion of the PASR guidelines in the Application Security Control by the Organization Normative Framework Committee.