1 Scope
ISO/IEC 27034 provides guidance to assist organizations in integrating security into the processes used for
managing their applications.
This part of ISO/IEC 27034 presents an overview of application security. It introduces definitions, concepts,
principles and processes involved in application security.
ISO/IEC 27034 is applicable to in-house developed applications, applications acquired from third parties, and
where the development or the operation of the application is outsourced.