Skip links and keyboard navigation

For government agency selections have changed to reflect the outcome of the November 2024 Machinery of government (MoG). For more information, see our MoG change guide.

QGEA directions and guidance

Web application security testing guideline

Documents:
Web application security testing guideline (DOC, 478.5 KB)Web application security testing guideline (PDF, 346.9 KB)
Document type:
Guideline
Version:
Final v1.0.0
Status:
CurrentNon-mandated
Owner:
QGCIO
Effective:
December 2011–current
Security classification:
OFFICIAL-Public
Category:
Cyber security

The Web application security testing guideline is structured to help agencies increase their assurance the web applications they use have been developed in a manner that ensures the confidentiality, integrity and availability of the agency data within these applications is maintained in accordance with the agency risk profile.

Last updated:
7 December 2022