Secure Software Development Checklist

[mikef () everfast com]

Because I'm the resident security expert, I've been tasked with helping our developers ensure new applications meet 
industry standard (particularly PCI) security requirements. I'm thinking about doing some sort of checklist that could 
be used to verify the particular requirements are met during the development phase, but I'm not sure where to start.=20

Most of the secure coding information relates to web applications, however I need to develop rules for a variety of 
applications ranging from web to DOS (yes that's Ms-DOS) to point of sale. Also could the checklist be used for a 
variety programming languages.=