PO.3.3: Configure tools to generate artifacts of their support of secure software development practices as defined by the organization.
Example 1: Use existing tooling (e.g., workflow tracking, issue tracking, value stream mapping) to create an audit trail of the secure development-related actions that are performed for continuous improvement purposes.
Example 2: Determine how often the collected information should be audited, and implement the necessary processes.
Example 3: Establish and enforce security and retention policies for artifact data.
Example 4: Assign responsibility for creating any needed artifacts that tools cannot generate.
Description
Configure tools to generate artifacts of their support of secure software development practices as defined by the organization.