Security Needs Assessment for ‘Shell only’ /Part1 and ‘Shell and core’ projects

The Suitably Qualified Security Specialist (SQSS) must confirm that they have addressed all parts of the project where it is feasible to do so. Where security recommendations cannot be made for certain aspects of the project, this should be explained / justified in the Security Needs Assessment by the SQSS.