Scribd
Upload
3 views7 pages

Unit-4 It Security

The document outlines the System Development Life Cycle (SDLC), detailing its phases including feasibility study, analysis, design, implementation, and maintenance, aimed at developing high-quality information systems. It also emphasizes the role and attributes of a systems analyst in guiding the development process and ensuring user requirements are met. Additionally, it introduces the concept of an Information Assurance Strategy, which provides guidelines to secure an organization's data and systems.

Uploaded by

Nikhil bhardwaj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3 views7 pages

Unit-4 It Security

The document outlines the System Development Life Cycle (SDLC), detailing its phases including feasibility study, analysis, design, implementation, and maintenance, aimed at developing high-quality information systems. It also emphasizes the role and attributes of a systems analyst in guiding the development process and ensuring user requirements are met. Additionally, it introduces the concept of an Information Assurance Strategy, which provides guidelines to secure an organization's data and systems.

Uploaded by

Nikhil bhardwaj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

MODULE — IV 9

System Development Life Cycle, Information Assurance in System Development Life


Cycle, Information Assurance in the Service Acquisition Life Cycle, Physical and
Environmental Security Controls, Handling of Media, Information Assurance
Awareness, Training, and Education (AT and E): Purpose, Benefits, AT and E : Design,
Development, AT and E Assessment, Types of Learning Programs, Employment
Policies and Practices, Security considerations for temporary employees, consultants
and other workers, Preventive Information Assurance Tools, Controls. Positioning and
staffing the Security function, Credentials for Information Security Professionals,
Access control: Benefits ,Techniques and Administration.

SYSTEM DEVELOPMENT LIFE CYCLE

System Development Life Cycle


An effective System Development Life Cycle (SDLC) should result in a high quality system
that meets customer expectations, reaches completion within time and cost evaluations, and
works effectively and efficiently in the current and planned Information Technology
infrastructure.

System Development Life Cycle (SDLC) is a conceptual model which includes policies and
procedures for developing or altering systems throughout their life cycles.

SDLC is used by analysts to develop an information system. SDLC includes the following
activities −

• requirements
• design
• implementation
• testing
• deployment
• operations
• maintenance

Phases of SDLC
Systems Development Life Cycle is a systematic approach which explicitly breaks down the
work into phases that are required to implement either new or modified Information System.
Feasibility Study or Planning
• Define the problem and scope of existing system.
• Overview the new system and determine its objectives.
• Confirm project feasibility and produce the project Schedule.
• During this phase, threats, constraints, integration and security of system are also
considered.
• A feasibility report for the entire project is created at the end of this phase.

Analysis and Specification


• Gather, analyze, and validate the information.
• Define the requirements and prototypes for new system.
• Evaluate the alternatives and prioritize the requirements.
• Examine the information needs of end-user and enhances the system goal.
• A Software Requirement Specification (SRS) document, which specifies the software,
hardware, functional, and network requirements of the system is prepared at the end
of this phase.
System Design
• Includes the design of application, network, databases, user interfaces, and system
interfaces.
• Transform the SRS document into logical structure, which contains detailed and
complete set of specifications that can be implemented in a programming language.
• Create a contingency, training, maintenance, and operation plan.
• Review the proposed design. Ensure that the final design must meet the requirements
stated in SRS document.
• Finally, prepare a design document which will be used during next phases.

Implementation
• Implement the design into source code through coding.
• Combine all the modules together into training environment that detects errors and
defects.
• A test report which contains errors is prepared through test plan that includes test
related tasks such as test case generation, testing criteria, and resource allocation for
testing.
• Integrate the information system into its environment and install the new system.

Maintenance/Support
• Include all the activities such as phone support or physical on-site support for users
that is required once the system is installing.
• Implement the changes that software might undergo over a period of time, or
implement any new requirements after the software is deployed at the customer
location.
• It also includes handling the residual errors and resolve any issues that may exist in
the system even after the testing phase.
• Maintenance and support may be needed for a longer time for large systems and for a
short time for smaller systems.

Life Cycle of System Analysis and Design


The following diagram shows the complete life cycle of the system during analysis and
design phase.
Role of System Analyst
The system analyst is a person who is thoroughly aware of the system and guides the system
development project by giving proper directions. He is an expert having technical and
interpersonal skills to carry out development tasks required at each phase.

He pursues to match the objectives of information system with the organization goal.

Main Roles
• Defining and understanding the requirement of user through various Fact finding
techniques.
• Prioritizing the requirements by obtaining user consensus.
• Gathering the facts or information and acquires the opinions of users.
• Maintains analysis and evaluation to arrive at appropriate system which is more user
friendly.
• Suggests many flexible alternative solutions, pick the best solution, and quantify cost
and benefits.
• Draw certain specifications which are easily understood by users and programmer in
precise and detailed form.
• Implemented the logical design of system which must be modular.
• Plan the periodicity for evaluation after it has been used for some time, and modify
the system as needed.

Attributes of a Systems Analyst


The following figure shows the attributes a systems analyst should possess −
Interpersonal Skills
• Interface with users and programmer.
• Facilitate groups and lead smaller teams.
• Managing expectations.
• Good understanding, communication, selling and teaching abilities.
• Motivator having the confidence to solve queries.

Analytical Skills
• System study and organizational knowledge
• Problem identification, problem analysis, and problem solving
• Sound commonsense
• Ability to access trade-off
• Curiosity to learn about new organization

Management Skills
• Understand users jargon and practices.
• Resource & project management.
• Change & risk management.
• Understand the management functions thoroughly.

Technical Skills
• Knowledge of computers and software.
• Keep abreast of modern development.
• Know of system design tools.
• Breadth knowledge about new technologies.

INFORMATION ASSURANCE STRATEGY

What is the information assurance strategy?


• A Information Assurance Strategy is a set of guidelines, processes, and
protocols used to ensure the security and integrity of an organization's data
and systems. It outlines the objectives, actions, and measures to be taken to
protect an organization from security incidents and outages.

Phases of Acquisition Process

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy