Question APPL-07
If mobile, is the application available from a trusted source (e.g., App Store, Google Play Store)?
| Weight | 15 |
| High Risk | No |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
Select N/A if there is no mobile version of your app.
Answering "NO"
Decribe how the application is distributed. Also, state any plans to publish the app to a trusted source.
Answering "YES"
State the application title as listed within the trusted source.
Reason for Question
Distributing application via known, moderately vetted application platform decreases the chances of malicious code distribution. Stand-alone deployments (nontrusted sources) should be looked at more closely.
Follow-Up Inquiries
Ask the vendor why this deployment strategy is used. Ask if it is a restriction of the app store platform or some other environment restriction.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]