General Terms:

• The cybersecurity requirements for project and change management of information and technology assets at King Saud University must cover at least the following:

                      - Vulnerability assessment and remediation.

                      - Conducting a review of configurations and hardening (Secure Configuration and Hardening) and applying update packages before launching and deploying projects and changes.

• The cybersecurity requirements for application and software development projects at King Saud University must cover at least the following:

                      - Adherence to secure coding standards (Secure Coding Standards).

                      - Using licensed and trusted sources for application development tools and libraries (Libraries).

                      - Conducting tests to verify that applications meet King Saud University’s cybersecurity requirements.

                      - Ensuring the security of integration between applications (Integration Security).

                      - Reviewing configurations and hardening (Secure Configuration and Hardening) and applying update packages before launching and deploying applications.

• The cybersecurity requirements for project management at King Saud University must be reviewed annually.