Identify the document that defines the process for ensuring web applications and application interfaces are not vulnerable to improper access control.
Describe the processes observed to be in place for ensuring that web applications and application interfaces are not vulnerable to improper access control.