I am writing a business case for an enhancement of our corporate SDLC to include explicit security considerations throughout. I would like to reference industry best practice documents or standards that reflect this approach or discuss its advantages. Can any of you point me to such documentations? Thanks! jaime