What are the best practices for assessing security a software product? - Software Quality Control

What are the best practices for assessing security a software product?

- Implementing proper Application Architecture Practices.

- Design compliance of multi-layer components and their functionality.

- Input validation, Cross Site Scripting best practices

- Proper handling of error and exceptions.

- Proper access controls to the program and system functions.