Acceptance Criteria

• Documentation written and findings shared with the team
• User stories descriptions updated if necessary
• Security sign off (pre and post audit)

Tasks

• Security team to report their findings
• Dev team to implement the report findings from the security audit