Software Life Cycle

The table below summarizes the security considerations at each stage of the software life cycle:

| Software life cycle stage | Sub stage | Security by design deliverables |
|---|---|---|
| Initiation | Concept Note | Security risk assessment |
| | Feasibility study | |
| | Project planning | Security planning |
| Acquisition | Requirements & ToRs | Security requirements |
| | RFP / in-house | |
| | Evaluation / in-house | Tender security evaluation |
| Architecture & Design | Architecture & Design | Security design |
| Development | Development | Secure development |
| Testing | Test planning | Security test planning |
| | Component testing | Application security testing |
| | System integration testing | System security testing |
| Deployment | Deployment | Secure configuration and access control |
| | | Penetration testing |
| Operations & maintenance | Operations & support | Audit & continuous monitoring |
| Upgrade / Decommission | Upgrade / Decommission | Secure disposal |

Security by design ensures that security is not an afterthought but a fundamental aspect considered from the beginning. Below are security best practices that should be incorporated at each software lifecycle stage: