A secure-by-demand approach allows organizations to drive the quality of software by stipulating strict requirements for software manufacturers.

Structure, evaluation criteria and reporting are all key aspects of the audit follow-up process that can determine the effectiveness of IT auditors' recommendations.