|
Written by Administrator
|
|
Thursday, 09 July 2009 08:54 |
|
Page 12 of 17 System DevelopmentSecurity is most effective if it is planned and managed throughout the life cycle of a system or application, versus applying a third-party package as a front end at the end after the development. A security plan should be drawn up at the beginning of a development project and integrated into the functional plan. Life Cycle PhasesSecurity is not listed here as an individual bullet point because it should be embedded throughout all phases. Security should be addressed in each phase of system development. Security should not be addressed only at the end of development, because of the added cost, time, and effort and the lack of functionality.
Project initiation - Conception of project definition
- Proposal and initial study
- Initial risk analysis
Functional design analysis and planning - Requirements uncovered and defined
- System environment specifications determined
- Formal design created
System design specifications - Functional design review
- Functionality broken down
- Detailed planning put into place
- Code design
Software development - Developing and programming software
Installation - Product installation and implementation
- Testing and auditing
Maintenance support - Product changes, fixes, and minor modifications
Disposal - Depending on the system sensitivity level
|
|
Last Updated on Friday, 28 August 2009 05:04 |
