ÖNORM A 7700
“Technical requirements for secure Web applications”

The ÖNORM A 7700 standard is the first certifiable standard in the EU for Web application security.

  • The previous version of the ÖNORM A 7700, ONR 17700, was developed in 2004-2005 by the Austrian Standards Institute, SEC Consult, major banks, insurance companies, public authorities and industrial companies
  • The goal is to provide comprehensive security guidelines for Web applications and Web services (which are only partially covered by other standards)
  • Multi-level, in-depth source code audits during certification ensure a high level of security
  • Since 2008, the standard has been classified as ÖNORM for the procurement and development of secure Web applications
  • A fundamental revision in 2019 led to the inclusion of the "Secure operation of Web applications" and "Requirements through data protection to Web applications" categories

Benefits of the ÖNORM A 7700 standard


Improvement of in-house development of Web applications by using ÖNORM A 7700 as a guide


Step-by-step, prioritized deployment through certification of individual Web applications and their operating environment

Supply chain

Commitment of Web application vendors and manufacturers to implement clear security standards according to the ÖNORM A 7700


Support for privacy-compliant Web applications


Sustainable investment to improve the security level and to confirm your security strategy


Gradual improvement of the overall security