The Security Systems Development Life Cycle

1077 Words3 Pages
bulb-icon

Recommended: The systems development life cycle

Ensuring information security is properly managed businesses have implanted an approach to help manage it. The implementation is called the security systems development life cycle. The security systems development life cycle consists of six phases and each phase is crucial to the other. Starting with the initial phase, the six phases are investigation, analysis, logical design, physical design, implementation, then finally, maintenance and change. Each security phase is integral to the systems development life cycle due to its life cycle process.
The investigation phase is the beginning to the systems development life cycle and is considered the most important (Whitman, 2015, p. 27). As Whitman (2015) points out, as the first step, it is used in order to determine what the problem needing to be solved is and begins with an enterprise information security policy. This policy lay out the framework of a security program within the organization (Whitman, 2015, p. 27). Not only in this step are the problems discovered but objectives, constraints and scope of the project are specified (Whitman, 2015, p. 25). These help to concluded whether or not the company should go through with the implementation (Whitman, 2015, p. 25). As the first process, investigation doesn’t necessarily have a predecessor unless the current system cannot support the evolving mission of the organization (Whitman, 2015, p. 26). At that point, maintenance and change is considered the predecessor and the analysis process is the successor.
Analysis follows as a phase used to study findings from the investigation phase, in accordance to Whitman(2015). The findings from the predecessor phase investigation are user by the development team to conduct an analysis of...

... middle of paper ...

...fe cycle, there would not be an incident response action in place leaving a huge vulnerability in case of a catastrophe. Physical design is the phase where physical security measures are created to make sure the technologies are well protected, with this measure, data breaches and other malicious attacks could harm the business. With implementation of software, this phase gives businesses an opportunity to create or purchase security solutions instead of presenting a flawed system to users without the protection it requires. Lastly, without the security of consistent testing and monitoring in the maintenance and change phase, systems will become obsolete and detrimental to a business itself due to outdated systems (Whitman, 2015, p. 29). As fundamental as it sounds, without security in a software development life cycle, you open a business up to many potential flaws.

Show More
Related

  • Anorexia

    1024 Words  | 3 Pages

    Going into details of the article, I realized that the necessary information needed to evaluate the experimental procedures were not included. However, when conducting an experiment, the independent and dependent variable are to be studied before giving a final conclusion.

    Read More

  • How Technological Advancements Have Influenced Forensic Investigators

    3293 Words  | 7 Pages

    Analysis: Examination results are reviewed by the investigation team for their value in the case.

    Read More

  • Moral Life Of Babies Research

    952 Words  | 2 Pages

    Evaluating and understanding research findings is a very important skill for professionals to acquire. It is necessary to thoroughly collect data, findings, and results of the experiments to produce accurate detailed accounts of the studies.

    Read More

  • Kolb's Experiential Learning Cycle

    520 Words  | 2 Pages

    So there are four stages to this cycle: 1. Concrete Experience - (CE) 2. Reflective Observation - (RO) 3. Abstract Conceptualization - (AC) 4. Active Experimentation - (AE)

    Read More

  • The SARA Process

    462 Words  | 1 Pages

    This is the second step that researches what is known about the specific problem type and potential responses. Being able to understand the local context of the problem and determines how the problem is currently being addressed. Looking at the problem and identifying the causes will be an entailment of an issue as well as collect data on the problem.

    Read More

  • Homeland Security: The Mission Of Homeland Security

    1035 Words  | 3 Pages

    Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what

    Read More

  • The Importance Of Crime Scene Investigations

    1033 Words  | 3 Pages

    During an investigation there are number of important roles, methods, and a few other things

    Read More

  • Healthcare Workflow Analysis

    556 Words  | 2 Pages

    Workflow analysis, also known as process analysis, involves identifying, prioritizing, and ordering the tasks and information needed to achieve the intended result of a clinical or business process. Workflow analysis and process redesign are frequently omitted or overlooked when identifying and selecting new information technology. This would include developing a process for security collaboration among participating organizations. If a working group of security officers has been formed, this group might continue to meet in order to compare notes on possible security threats to the RHIO, review activity reports, or to discuss real or alleged incidents involving the data exchange systems.

    Read More

  • Primary Responsibilities of a Private Security Manager

    1019 Words  | 3 Pages

    Principle of Security Management by Brian R. Johnson, Published by Prentice-Hall copyright 2005 by Pearson Education, Inc.

    Read More

  • Systems Development Life Cycle ( Sdlc )

    829 Words  | 2 Pages

    The Systems Development Life Cycle (SDLC) consists of phases used in developing a piece of software. It is the plan of how to develop and maintain software, and when necessary, replace that software. In 2007 during my hospital’s transition to a new software system, I was fortunate enough to be included in the process. I did not get involved until the implementation phase, but from then on, until now, I remain very active in the process. I decided to highlight the Waterfall Model of SDLC. The Waterfall Model is a “sequential development process” with each phase continuing in a line (McGonigle and Mastrian, 2012, p. 205).

    Read More

  • Gender Stereotypes in T.V. Show How I Met Your Mother

    1424 Words  | 3 Pages

    The purpose of the first study was to do two things. To demonstrate a tech...

    Read More

  • Addie Model And The Instructional Design Model Comparison

    1265 Words  | 3 Pages

    In the analysis phase, the designer will determine and define the instructional problem to be solved and

    Read More

  • Software Requirement Specification

    1759 Words  | 4 Pages

    Whitman, M. & Mattord, H. (2010). Mangement of information security. (p. 339). Boston, MA: Cengage Learning.

    Read More

  • Network Management Plan And Security Plan

    841 Words  | 2 Pages

    The agreement between the company and I was to advice the company management toward adopting the best network management plan and security plan. Through the study, I carried out in the firm I was required to evaluate the firm requirement in term of network planning and making sure that the firm has proper mechanism to secure its systems against malicious damage. Considering that, the management personnel have background in IT therefore; they required me to give an expert opinion on the best ways in which they can adopt the network management and the security plan. They required me to evaluate firm needs and what the IT world would offer the firm to enable them to lay down plans for the network and security in the firm.

    Read More

  • Information Security

    2693 Words  | 6 Pages

    The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.

    Read More

More about The Security Systems Development Life Cycle

Open Document