Be the first to like this
SDLC models define preliminary stages in the terms of “requirements gathering”
or “concept exploration”. It is very important that relevant security personnel are
engaged in the process by the software project team in these early phases of the
The gathering of security requirements is an important preliminary activity.
Requirements must be clear and derived from some source or origin. The
student/reader proposes sources of governance allowing requirements to be
“derived” or indirectly linked to regulations, laws, compliance policies, etc.