A company is updating its CRM (customer relationship management) software to incorporate new functionalities demanded by customers. One day, one of its largest clients demanded a new product feature urgently within a week. The software development team were under pressure with other projects, so they rushed this feature change with a few testing samples. The company outsourced their Quality Assurance (QA) team to another country, which is now under COVID-19 lockdown. Most of the QA testers cannot work from home, due to various reasons. The manager of the software development team decided to test the functionality among themselves and released the software patch as an emergency release. The markets in USA and UK took the patch into production system without issue. But when other European markets took the patch, they found issues with date and currency formats, resulting in corruption of data and customer dissatisfaction. Further investigation revealed that the developers only spoke English, only considered the 12-hour time format, and did not consider that some European countries use . (dot) as the thousand separator and , (comma) as the decimal separator.

Please write a report to include the following information:

1) What is ONE most relevant principle in secure software requirements (e.g. procurement, session management1) that have been violated in this case study, why do you think it is the most relevant, and how it should be corrected?

2) What are the TWO most relevant principles in secure software design (e.g. least privilege, separation of duties2) that have been violated in this case, why and how they should be corrected?