Mechanisms exist to require software vendors / manufacturers to demonstrate that their software development processes employ industry-recognized secure practices for secure programming, engineering methods, quality control processes and validation techniques to minimize flawed or malformed software.
Does the organization require software vendors / manufacturers to demonstrate that their software development processes employ industry-recognized secure practices for secure programming, engineering methods, quality control processes and validation techniques to minimize flawed or malformed software?