Some of the BENEFITS of integrating security into the system development life cycle include :
- Early identification and mitigation of security vulnerabilities and problems with the configuration of systems, resulting in lower costs to implement security controls and mitigation of vulnerabilities.
- Awareness of potential engineering challenges caused by mandatory security controls.
- Facilitation of informed executive decision making through the application of a comprehensive risk management process in a timely manner.
- Documentation of important security decisions made during the development
process to inform management about security considerations during all phases of
development. - Improved organization and customer confidence to facilitate adoption and use of
systems, and improved confidence in the continued investment in government
systems. (1)
Phase 1 -->Preliminary Analysis
- Objectives - To identify the customer's needs, evaluate system concept for feasibility, perform economic and technical analysis, perform cost benefit analysis and create system definition that forms the foundation for all subsequent engineering works.
- In this Phases 1 you should be enough expertise available for hardware and software for doing analysis.After the preliminary analysis, the analyst should report the findings to management, with recommendations outlining the acceptance or rejection of the proposal. (2)
CiTaTION:::::
(1) http://csrc.nist.gov/publications/nistbul/april2009_system-development-life-cycle.pdf
(2) http://www.freetutes.com/systemanalysis/sa3-preliminary-analysis.html
(1) http://csrc.nist.gov/publications/nistbul/april2009_system-development-life-cycle.pdf
(2) http://www.freetutes.com/systemanalysis/sa3-preliminary-analysis.html
No comments:
Post a Comment