Systems Development Life Cycle for Information Assurance

This is an ongoing project of mine that will entail a lot of updating. I am presuming that I can establish a common framework using the highly-adaptable systems analysis and design framework, a systems development life cycle, to break down common attributes of various IT security frameworks such as the NIST-800 series and PCI-DSS. After my model is complete, a user could plug in the various sub-processes of said IT security frameworks, which would help make clear which aspects of various frameworks are complete, incomplete, or missing. This framework could also be used to integrate multiple IT security frameworks, and by using scores for each sub-processes, the user could generate a “most-effective” or “most-cost-effective” information assurance plan.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s