Cybersecurity Template - Forward Sheridan

Here’s a list of some of the things I was looking to ensure was included in the project documentation:

Data flow diagrams.
Network diagrams.
Information about interconnected systems
Inventories of applications and technologies used.
Programming languages used.
A description of the Secure development process. Is code scanning done in development with tools such as DevInspect or Greenlight?
Further details on all forms including type, character limitations, specs on input validation. How are fields protected from injection attacks?
Security specs, details on all encryption algorithms, etc.
List of all IP protocols utilized for everyday functionality as well as administration with IP type (TCP/UDP) and direction (Inbound, Outbound, Bi-directional) as well as purpose.
Configuration baselines for servers and devices. Documentation that shows servers and devices have been hardened appropriately per security best practices. Are default accounts removed or disabled? Are patches & hotfixes installed? Are unnecessary applications or services removed or disabled? Are firewalls locked down?
List of all open source code licenses used.
List of training that developers take related to information security and devops security as well as how often.