CASA Self-Initiated Assessment

Stay organized with collections Save and categorize content based on your preferences.
CASA Self-Initiated Assessment

You can use the CASA framework to test your application level of assurance and provide your users higher protection and confidence in your application security posture. This type of assessment follows the below steps:

Tier Determination

For self initiated assessments, developers can choose any assurance level to proactively evaluate a given application. A Tier 4 assessment is always recommended to provide the highest assurance to users of a given application.

To simulate an assessment using the "default"; tier of your application, follow the tier assignment provided in the tiering section.


Reach out to any preferred Authorized Assessor(s) to price and schedule your assessment. Indicated that this is a self initiated assessment and the tier you would like to conduct the assessment.


Upon completion of the assessment you can disclose on your application and your website that your application has been independently validated through the App Defense Alliance


A self initiated assessment is valid for 2 years at the level of the assessment. In order to continue your application compliance and provide your users with higher assurance you must revalidate after 2 years.