The chain is not stronger than the weakest link. And in many cases, the human factor is the weakest of them all. Even experienced and knowledgeable people forget things. And if it is not your human factors playing a trick, it might be one of your co-workers... To avoid forgetting important steps during development, quality assurance, deployment, and production, create mandatory checklists to follow, just as in aviation. Using checklists is a great support in stressful moments, and for people with good, albeit short, memories. Execute these checklists at important milestones in your project, to make sure you haven't forgotten anything important. Items you could include in these checklists, but should not be limited to:

• Run security-related unit tests
• Check certificates are valid and not set to expire soon
• Make sure ubiquitous encryption is enforced
• Check TLS endpoints using https://www.ssllabs.com/ssltest/
• Check security headers with https://securityheaders.io/
• Execute validation checks
• Execute penetration tests to make sure unauthenticated and unauthorized access is never granted at any level of the system to any data, service, or device
• Scan the network for open ports that should be closed, unauthenticated access points, and use of standard passwords
• Update software and operating systems
• Update documentation
• Make sure your Data Protection Impact Assessment (see the next chapter) is updated
• Configure key stores and usage of Trusted Platform Modules (TPM) to manage cryptographic keys
• Update keys and passwords where necessary