US Flag Official website of the Department of Homeland Security
U.S. Department of Homeland Security Seal. Software and Supply Chain Assurance. Community Resources and Information Clearinghouse (CRIC).

Processes and Practices Working Group

Mission and Objectives

  • Capture and discuss software assurance issues
  • Share best practices
  • Provide community input to and comments on
    • DHS and DoD guidebooks relating to software assurance
    • National and international software assurance standards
    • DHS and DoD policy guidance on system and software assurance

    Software Assurance Universe
    Software Assurance Universe

Recent Releases and Updates

Software Assurance Capability Benchmarking Effort

Organizations need to be aware of the assurance landscape and ensure they have the capability to achieve their software assurance goals. In response, the DHS SwA Processes and Practices Working Group has synthesized the contributions of leading government and industry experts into a set of high level goals and supporting practices. Additional information and latest work products are available

A Software Assurance Pocket Guide, "Key Practices for Mitigating the Most Egregious Exploitable Software Weaknesses," has been posted on the SwA Resources page.

The industry working group formed to explore options and strategies for extending CMMI-DEV V1.2 for assurance concerns has completed the draft of the assurance thread and an initial set of training materials.

The SwA Processes and Practices Working Group is collecting lessons learned on the piloting of the assurance focus identified in the processes areas [Experience Report] [Comment Matrix].

The industry team is currently updating the July 2008 draft of the Process Reference Model for Assurance Mapping to CMMI-DEV V1.2 to reflect the current draft assurance thread for CMMI-DEV V1.2. A Process Reference Model for Assurance Document is planned as a next step.

Contact Information

To comment or request further information, contact the working group chairs at software.assurance [at]

To join the Software Assurance Processes and Practices Working Group, see the instructions for joining a working group.

Back to Top