What if the supplier develops software utilised by the company?

1.1.In case the Supplier develops software or other services utilized by COMPANY NAME, the Supplier shall adhere to a robust security software development lifecycle and align with the ISO/IEC 27001 regarding correct processing in application to prevent errors, loss, unauthorized modification or misuse of information in application. Software shall be tested for security vulnerabilities on a regular basis. Such tests shall be performed at least once every year for systems not exposed to internet, and at least once every quarter for systems exposed to internet. Vulnerability findings shall be resolved within sixty (60) days.