Many system development life cycle (SDLC) models exist that can be used by an organization to effectively develop an information system. Security should be incorporated into all phases, from initiation to disposition, of an SDLC model. This Bulletin lays out a general SDLC that includes five phases. Each of the five phases includes a minimum set of information security tasks needed to effectively incorporate security into a system during its development. It illustrates the information security tasks applicable to each SDLC phase and the relevant references.
Citation: Electronic Publication
Pub Weblink: http://csrc.nist.gov/groups/SMA/sdlc/index.html
Pub Type: Websites
information security, system development lifecycle, system life cycle security