The Microsoft SDL Optimization Model provides development organizations with a strategic framework to facilitate gradual, consistent and cost-effective implementation of the SDL. The model enables development managers and IT policy-makers to:

  • Self-assess their current state of security in development.
  • Create a strategy and road map for reducing customer risk.
  • Outline practical and cost-effective activities to progressively attain measurable security process improvements with realistic resources and timelines.

http://msdn.microsoft.com/en-us/security/dd221356.aspx

http://msdn.microsoft.com/en-us/security/dd219581.aspx