Security Systems Development Life Cycle

Decent Essays
Security Systems Development Life Cycle
The security systems development life cycle (SecSDLC) uses the same phases as the systems development life cycle. Although the two processes are different due to what each is used for and the activities associated with them, Michael Whitman and Herbert Mattord claim “the overall methodology is the same.” (2012, pg. 26). Since a business, company, or an organization with a network must consider the many technologies and methodologies available today, for an effective security control plan, one would be remiss not to follow the SecSDLC phases:
1. The Investigation phase is engaged with “a directive from upper management, dictating the process, outcomes, and goals of the project, as well as its budget and other constraints” (Whitman & Mattord, 2012, pg. 26). During this phase, all interested parties discuss whether the organization has the funds and commitment to move forward with a potential plan.
2. The Analysis phase is engaged when documentation from the investigation phase is reviewed. The team will analyze current policies and threats, and “relevant legal issues that could affect the design of the security solution” (Whitman & Mattord, 2012, pg. 27) as well.
3. The Logical Design phase is engaged when the analysis of the plan is complete. This phase is where the team “creates and develops the blueprints for information security” (Whitman & Mattord, 2012, pg. 27). This phase also considers significant procedures that may impact plan
Get Access