Secure Software Development Lifecycle (SDLC) Management

We help you to establish a structured system development methodology. It applies to all types of business applications and related technical infrastructure. This methodology is supported by specialised, segregated development environments and involves a quality assurance process:

  1. System Development Methodology. Development activities should be conducted in accordance with a documented system development methodology to ensure that systems (including those under development) meet business and information security requirements.
  2. System Development Environments. System development activities should be performed in specialised development environments, which are isolated from the live and testing environments and protected against unauthorised access, to provide a secure development process and avoid any disruption to business activity.
  3. Quality Assurance. Quality assurance of key security activities should be performed at each stage of the system development lifecycle to provide assurance that security requirements are defined adequately, agreed security controls are developed, and security requirements are met.

We help you to develop business applications in accordance with an approved system development lifecycle. It includes applying industry good practice such as ISO, NIST, ISF SoGP, OWASP (ASVS, SAMM and others), CIS and vendors’ methodologies (Microsoft, Apple, Oracle and so on), and incorporating information security during each stage of the system lifecycle: