What security controls should I check before approving a new app?

These criteria are part of Section I (Regulatory and Legal Compliance) of the App Compliance framework and cover security management. Weaknesses in identity, access control, or logging are common sources of data incidents.

## What's Next

GDPR and Data Compliance

Regulatory requirements: DPA, encryption standards, and data transfer controls.

Operations and Technical Requirements

Backup, disaster recovery, RTO, and API security.