Measurement and communication of how many of the vulnerabilities handling per severity for components like applications are aligned to SLAs. This is performed for the hole organization and doesn't need to be broken down (yet) on team/product/application. At least quarterly.
Description
Communication can be performed in a simple way, e.g. text based during the build process. This activity depends on at least one security testing implementation.