Initiation Phase

This is where the need and purpose for the information system is defined and documented. It is important to involve key stakeholders and/or business partners in this phase, whether they are internal or external to the group defining the system.

design the system

The requirements for the information system must be established, but at this point, some of them will be in general terms. This includes:

System Characterization
Beginning to outline the Risk Assessment process

(both of these areas are covered more in depth in the sections linked above)

The ongoing process of collecting system knowledge begins here with:

Inventory and Asset Management
Site Security Plan
Risk Assessment
Configuration Management

Share and Enjoy:

Categories: SDLC Framework
Tags: initiation phase, inventory, NIST Computer Security, Risk Assessment, risk management, SDLC Framework, system categorization, System Characterization, system description

By Omar Fink on September 8th, 2008

You must be logged in to post a comment.

HackingTheUniverse

Initiation Phase

Leave a Reply

Solve the puzzle

Random Quote

Links We Like:

InfoSec

Singularity