I found this while browsing for software process documents at the
Carnegie-Mellon SEI website. It goes over CERT security improvements and
though it was listed under 'Security for a Public Web Site', I think it
could apply to just about every aspect of security. Check it out if you
like:

http://www.cert.org/security-improvement/#modules


-------------------------------------------
Lucas Vogel, Software Developer
Exponent Failure Analysis Associates, Inc.
lvogel@exponent.com
(623)587-6739