chapter 8 sdlc
TRANSCRIPT
-
8/17/2019 Chapter 8 SDLC
1/14
System Administration(Software/System Development Life
Cycle)
Notes
-
8/17/2019 Chapter 8 SDLC
2/14
Software/System Development LifeCycle (SDLC)
● This is a framework that describes activitiesperformed at each sta e of a Software/Systemdevelopment pro!ect
● Can have different types i"e" # $– %aterfall– &rototypin– A ile– And so many more
-
8/17/2019 Chapter 8 SDLC
3/14
SDLC $ 'enefits
● 'etter plannin and control by pro!ect mana ers"● Compliance to prescribed standards ens rin
better ality"● Doc mentation that SDLC stresses on is an
important meas re of comm nication and control"● The phases are important milestones and help the
pro!ect mana er and the ser for review and si noff"
-
8/17/2019 Chapter 8 SDLC
4/14
SDLC * 'enefits for A ditors● The +S a ditor can have clear nderstandin of the vario s
phases if the SDLC on the basis of the detaileddoc mentation created d rin each phase of the SDLC"
● The +S A ditor on the basis of his e,amination- can state in
his report abo t the compliance by the +S mana ement of theproced res- if any- set by the mana ement"
● The +S A ditor- if has a technical knowled e and ability of thearea of SDLC- can be a ide d rin the vario s phases ofSDLC"
● The +S a ditor can provide an eval ation of the methods andtechni es sed thro h the vario s development phases ofthe SDLC
-
8/17/2019 Chapter 8 SDLC
5/14
SDLC $ .isks
● The development team mi ht find itc mbersome
● The sers my find the end prod ct is not visible
for a lon time● The ri idity of the approach may prolon the
d ration of many pro!ects●
+t may not be s itable for small and medi msi ed pro!ects
-
8/17/2019 Chapter 8 SDLC
6/14
SDLC * The 'asic Steps
● &rimarily the ma!or steps of the SDLC modelare 0- namely &reliminary +nvesti ation-.e irement Analysis- Systems Desi n-
Systems Development- System Testin -System +mplementation and 1aintenance● ' t for the p rposes of this co rse- we will only
look at the 2 basic steps of # Analysis-Development- Testin 3 +mplementation"
-
8/17/2019 Chapter 8 SDLC
7/14
SDLC * The 'asic Steps Cont"● Analysis # $ 4ere yo are analy in the type of system on the basis of the
sers re irements" 5acts of what the sers re ire can be obtainedthro h doc ments- estionnaires- interviews- observations
● Development # $ here yo are pro rammin or developin the system asdesi ned and cond ctin the contin o s testin and deb in by
convertin the specification into a f nctionin system● Testing # $ At this sta e- vario s kinds of testin are cond cted before the
developed system is implemented● Implementation # $ 5inal Testin and ality of controls a dit- acceptance
by mana ement and ser before mi ration of the system to the live
environment and data conversion from le acy system to the new system"● 1ore on this sta e can be read from the attached pdf
-
8/17/2019 Chapter 8 SDLC
8/14
System/Software DevelopmentA dits
● The system development process is a pro!ect thata company ndertakes" 5or more detailedinformation abo t what we will be disc ssin herecan be fo nd in the +T A ditin Te,t book (Schillerand Davis pa e 607 A ditin company pro!ects)
● 8ven tho h the a dit process never really stopsd rin the entire pro!ect d ration- there are a few
si nificant differences between the a dits thatocc r on either side of the implementationprocess (pre and post)
-
8/17/2019 Chapter 8 SDLC
9/14
&re$+mplementation A dits● A pre$implementation a dit is an a dit carried o t on
departmental/a ency systems d rin the desi n/development andinstallation process rather than after the system has been t rnedover to the client for operation"
●
%hy999 The rationale for initiatin pre$implementation a ditin isthat it is more cost$effective to correct weaknesses in the controlframework d rin the desi n/ development and installationprocess than after implementation- when lar e antities ofreso rces have been e,pended and stron commitment to theentity nder desi n has been enerated"
● This does not eliminate the need for post$implementation a ditsas there is no ass rance that what was desi ned and installed
was maintained or operated as intended- and that the ori inalre irements contin e to hold tr e"
-
8/17/2019 Chapter 8 SDLC
10/14
&re$+mplementation A dits Cont"
● 4ere the a ditor has to ens re that the correctprocesses are followed d rin the systemdevelopment process"
●
The a ditor also has to a dit the controlframeworks that are bein embedded in the desi nof the said system
● The ma!or disadvanta e of the pre$implementation
a dit is that of impairin independence" This meansthat the a ditor d rin the a dit process will impactthe desi n of the system if not properly monitored"
-
8/17/2019 Chapter 8 SDLC
11/14
&ost +mplementation A dits
● A &ost$+mplementation .eview (&+.) is an assessment andreview of the completed workin sol tion" +t will be performedafter a period of live r nnin - some time after the pro!ect iscompleted"
● There are three main reasons of a &+A– To ascertain the de ree of s ccess from the pro!ect- in partic lar- the
e,tent to which it met its ob!ectives- delivered planned levels of benefit- andaddressed the specific re irements as ori inally defined"
– To e,amine the efficacy of all elements of the workin b siness sol tion tosee if f rther improvements can be made to optimise the benefit delivered"
– To learn lessons from this pro!ect- lessons which can be sed by the teammembers and by the or anisation to improve f t re pro!ect work andsol tions"
-
8/17/2019 Chapter 8 SDLC
12/14
&ost +mplementation A dit Cont"● &ost +mplementation A dits are done by a ditors and sho ld
look at these main iss es● Current Situation # $ to check if the re ired f nctionality is
available- also whether proced res are properly doc mented-p blished and known abo t
● Benefits # $ to check the final cost of the pro!ect and also what arethe operatin costs of the new sol tion
● Future Improvements # $ eval ate whether coachin and trainincan improve the de ree of benefits of the new system" Also can see
which learnin points can be sed for f t re pro!ects to improveefficiency and effectiveness"
● The ma!or disadvanta e of &+A is that it becomes costly tocorrect problems that were made d rin the developmentsta es
-
8/17/2019 Chapter 8 SDLC
13/14
Software Sec rity A ditin andControl
● &art ' +ncident .esponse and basic steps# $● +dentification● Containment● Collection● .ecovery● Analysis
-
8/17/2019 Chapter 8 SDLC
14/14