The document discusses different aspects of designing an information system, including business processes, usability, graphic design, and analytical design. It states that the design must satisfy business needs, be easy to navigate, have visual appeal, and clearly represent quantitative information. It also discusses how the systems development life cycle (SDLC) was created in response to increasing computer complexity in the 1950s-60s to provide a structured development process, and how security is now integrated throughout the SDLC rather than just in testing.

2. Overview of Design of an Information System
Different people use the word design in different contexts. When IS professionals speak of
design, they are referring to business processes. Problems must be analyzed and
requirements documented before solutions are designed, developed, and implemented.
After all if the design does not satisfy the business need, then what’s the point? However,
satisfying the business need is really a baseline standard.
Usability describes how easy the system is to navigate. The easier the system is to navigate,
the less time a user will need to spend learning to use the system. A more usable system also
leaves less room for error.
Graphic design refers to the visual appeal and organization of the user interface. There is
obviously some overlap here with usability. Usable systems typically adhere to at least
some graphic design rules.

3. However, a usable system could be bland and uninteresting. Employing graphic design
principles helps ensure that the system will have visual appeal.
Existing colors, fonts, and logos are all a part of the brand for which the system is being
created.
Analytical Design describes how to best represent information—especially quantitative
information—to communicate clearly and truthfully. Every information systems project
has quantitative dimensions associated with project management. These include
estimating costs, time schedules, and so forth.

4. How was the SDLC created?
In the 1950s and 1960s, computer science progressed rapidly. This swift evolution sparked the
beginnings of a production framework that eventually grew into the SDLC we know today.
Prior to the 1950s, computing was not elaborate enough to necessitate a detailed approach like
the SDLC. As the complexity and scale of programming grew, the concept of structured
programming emerged. Over time, structured programming demanded more tactical
development models, thus sparking the beginnings of the SDLC.
The role of security in the SDLC
The initial concept and creation of the SDLC only addressed security activities as a separate
and singular task, performed as part of the testing phase. The shortcomings of this after-the-
fact approach were the inevitably high number of vulnerabilities or bugs discovered too late
in the process, or in certain cases, not discovered at all.

5. This idea of ‘baking-in’ security provides a ‘Secure SDLC’- a concept widely recognized
and adopted in the software industry today. A secure SDLC is achieved by conducting
security assessments and practices during ALL phases of software development.
With modern application security testing tools, it is easy to integrate security throughout
the SDLC. In keeping with the ‘secure SDLC’ concept, it is vital that security assurance
activities such as penetration testing, threat modeling, code review, and architecture
analysis are an integral part of development efforts.
Today, it is understood that security is critical to a successful SDLC, and that integrating
security activities throughout the SDLC helps create more reliable software. By
incorporating security practices and measures into the earlier phases of the SDLC,
vulnerabilities are discovered and mitigated earlier, thereby minimizing overall time
involved, and reducing costly fixes later in the life cycle.

6. System Development Life Cycle

7. An effective System Development Life Cycle (SDLC) should result in a high quality system
that meets customer expectations, reaches completion within time and cost evaluations, and
works effectively and efficiently in the current and planned Information Technology
infrastructure.
System Development Life Cycle (SDLC) is a conceptual model which includes policies and
procedures for developing or altering systems throughout their life cycles.
SDLC is used by analysts to develop an information system. SDLC includes the following
activities −
•Requirements
•Design
•Implementation
•Testing
•Deployment
•Operations
•Maintenance

8. Systems Development Life Cycle is a systematic approach which explicitly breaks down
the work into phases that are required to implement either new or modified Information
System.

9. Feasibility Study or Planning:
•Define the problem and scope of existing system.
•Overview the new system and determine its objectives.
•Confirm project feasibility and produce the project Schedule.
•During this phase, threats, constraints, integration and security of system are also
considered.
•A feasibility report for the entire project is created at the end of this phase.
Define Requirements And Analysis
Defining requirements is considered part of planning to determine what the application is
supposed to do and its requirements. For example, a social media application would
require the ability to connect with a friend. An inventory program might require a search