Systems Development Life Cycle for Information Assurance

This is an ongoing project of mine that will entail a lot of updating. I am presuming that I can establish a common framework using the highly-adaptable systems analysis and design framework, a systems development life cycle, to break down common attributes of various IT security frameworks such as the NIST-800 series and PCI-DSS. After my model is complete, a user could plug in the various sub-processes of said IT security frameworks, which would help make clear which aspects of various frameworks are complete, incomplete, or missing. This framework could also be used to integrate multiple IT security frameworks, and by using scores for each sub-processes, the user could generate a “most-effective” or “most-cost-effective” information assurance plan.