Product Security Quarterly Review
1. Executive summary
- Risk direction:
- Quarter highlights:
- Main concerns:
- Leadership decisions requested:
2. Objectives and commitments
| Objective | Planned outcome | Result | Notes |
|---|---|---|---|
3. Coverage snapshot
- Applications in scope:
- Tier 1 applications under release gates:
- Terraform repos under policy checks:
- Services sending release evidence:
- Critical exceptions open:
4. Metric review
| Metric | Previous quarter | Current quarter | Direction | Comment |
|---|---|---|---|---|
| Critical finding aging > 30 days | ||||
| Release gate pass rate | ||||
| Exception debt | ||||
| Threat modeling coverage | ||||
| Evidence coverage |
5. Material risks
6. Improvements delivered
7. Incidents and lessons
- Incident / near miss:
- Lesson:
- Control change made: