Are information security checkpoints (e.g. risk assessment process, secure design/architecture review, source code review, security vulnerability testing, remediation of all high and critical vulnerabilities prior to moving code to production, etc.) incorporated into the software development lifecycle process?

Does Altium maintain an SDLC?

Do you have a change control process in place?