General Terms:

·       The cybersecurity requirements for project and change management of information and technology assets at King Saud University must cover at least the following:

-       Vulnerability assessment and remediation.

-       Conducting a review of configurations and hardening (Secure Configuration and Hardening) and applying update packages before launching and deploying projects and changes.

·       The cybersecurity requirements for application and software development projects at King Saud University must cover at least the following:

-       Adherence to secure coding standards (Secure Coding Standards).

-       Using licensed and trusted sources for application development tools and libraries (Libraries).

-       Conducting tests to verify that applications meet King Saud University’s cybersecurity requirements.

-       Ensuring the security of integration between applications (Integration Security).

-       Reviewing configurations and hardening (Secure Configuration and Hardening) and applying update packages before launching and deploying applications.

·       The cybersecurity requirements for project management at King Saud University must be reviewed annually.