Security and Risk management in SDLC Software development Life cycle

1,264
-1

Published on

Security,Software development life cycle, SDLC, Risk Management,NIST,TOGAF,PMI,COBIT

Published in: Software
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,264
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Security and Risk management in SDLC Software development Life cycle

  1. 1.   Initiation: Security User Stories Identified  Planning: Incorporate Risk identified in System Architecture and Design.  Implementation: Assess Identified Risk on Implementation.  Monitoring & Control: Changes, CR (Change request must be reauthorized.  Closing: Dispose off unwanted software, hardware & information Components. Security Risk Management in SDLC
  2. 2. Step 1. System Characterization Step 2. Threat Identification Step 3. Vulnerability Identification Step 4. Control Analysis Step 5. Likelihood Determination Step 6. Impact Analysis Step 7. Risk Determination Step 8. Control Recommendations Step 9. Result determination.
  3. 3.  Risk Management Steps Defined under PMI Risk Management Process Groups : Input – process – Output - Outputs: (Risk Register, Risk Management plan, Risk Response, Communication Management plan, Quantitative and Qualitative Risk Assessment and Mitigation) This is Almost similar To NIST methodology discussed above. PMI groups deals with Project management in general. Whereas in NIST RM steps are Generic and platform independent to work across multiple methodology.
  4. 4.   This is Evolving presentation: Will add more details Refer Blog/presentation Read by almost 50,000 people. More details and write up can be found at:  http://www.productmanagementview.wordpress.com  http://projectmanagerview.wordpress.com  http://sandyclassic.wordpress.com More Details

×