Security Considerations In The Information System Development Life Cycle Recommendations Of The National Institute Of Standards And Technology

Including security early in the information system development life cycle (SDLC) will usually result in less expensive & more effective security than adding it to an operational system. This guide presents a framework for incorporating security into all phases of the SDLC process, from initiation to disposal. Here is a guide to help select & acquire cost-effective security controls by explaining how to include information system security requirements in appropriate phases of the SDLC. Chapters: Incorporating Security into the Information SDLC: Key Roles & Responsibilities for Development Initiative, Expressing Security Properties, & IT Security in the SDLC; Fed. Gov't. RFP; Spec's., Clauses, & Tasks; Glossary; & Frequently Asked Questions.Grance, Tim is the author of 'Security Considerations In The Information System Development Life Cycle Recommendations Of The National Institute Of Standards And Technology', published 2004 under ISBN 9780756741754 and ISBN 0756741750.