SlideShare une entreprise Scribd logo

Sdlc checklist

M
Mwandayi
1  sur  4
Télécharger pour lire hors ligne
Systems Development Life Cycle Checklists The System Development Life Cycle (SDLC) process applies to information system development projects ensuring that all functional and user requirements and agency strategic goals and objectives are met. The SDLC provides a structured and standardized process for all phases of any system development effort. These phases track the development of a system through several development stages from feasibility analysis, system planning and concept development; to acquisition and requirements definition; design; development; integration and testing; deployment and acceptance; though deployment and production; and finally to system retirement. The Records Management (RM) Profile1 recommends that agencies embed records management requirements in the earliest stages of the SDLC. The following document is a checklist to assist agencies to integrate RM into the SDLC. The checklist identifies certain points in the SDLC process where the agency may propose to establish records management review and approval to ensure that sound RM practices are incorporated into the development of its proposed IT systems. While the attached SDLC diagram demonstrates these stages in a linear “waterfall” systems development methodology, the checklist can be used with other systems development methodologies as well, such as “spiral,” “parallel,” “rapid application development (RAD)” and “prototyping” by modifying the checklist to fit the phases of the preferred SDLC method used. The checklist provides three to five basic questions about records management and recordkeeping for each phase of the SDLC lifecycle process. The checklist questions are intended to begin a more detailed discussion with agency records managers, IT and CPIC staff, and program managers and staff that will help identify recordkeeping requirements in each phase, with a great emphasis on identifying records management requirements at the earliest stages of project planning, initiation and requirements gathering. Because individual agency SDLC processes and policies vary widely, the checklist is not designed to be used as the only checklist an agency might need, or even a “one size fits all” approach to identifying recordkeeping requirements within an individual agency’s SDLC policies. Rather, the checklist demonstrates a widely used methodology to plan and develop new IT systems that can be used as a model or template that individual agencies can revise or tailor to their own unique SDLC process, IT and systems development policies and procedures to identify their unique records management and recordkeeping requirements. For instance, some agencies use a five-step SDLC process, and others use a ten-step process, and they should revise or modify checklist to meet their specific SDLC policy and business needs. For more information please contact your agency’s records management point of contact at NARA at http://www.archives.gov/records- mgmt/appraisal/work-group-all.html. 1 Refer to Federal Enterprise Records Management Profile, Sections 4.1.1 through 4.1.6; http://www.archives.gov/records-mgmt/policy/rm-profile.html.
Integrating RM into the SDLC # RM Integration into the SDLC Y, Comments N, NA Phase 1: Concept Development 1 Is the agency Records Officer included from the beginning in the system design process? 2 Are records identified that support the business process? 3 a. Do current record schedules apply to the new system? b. Is a new record schedule required because of changes in the records? 4 Is the agency Records Officer signature on the agency Investment Summary Proposal? Phase 2: Requirements Document 5 Are all records-related requirements identified and incorporated into the final CONOPS Report and Business Requirements Document? 6 Are new records schedules being drafted, if needed? 7 Is the agency Records Officer signature on the requirements document? Phase 3: Design 8 Are all records management requirements incorporated into the system design document? 9 Is the agency Records Officer signature on the system design document? Phase 4: Detailed Design 10 Is the agency records management staff included in project status meetings as needed? Phase 5: Development 11 Is the agency records management staff included in project status meetings as needed? 12 Are proposed records schedules submitted to the NARA? Phase 6: Integration & System Testing 13 Are records management requirements incorporated into the system? 14 Is the agency Records Officer signature on the Systems Test Report? Phase 7: Deployment & Acceptance 15 Is the agency records management staff included in project status meetings as needed? 16 Is the agency Records Officer signature on the document approving deployment of the system? Phase 8: Production 17 Is the Mid-Cycle Review complete? (Review to occur 3 years after going to production to validate records management requirements and records schedules.) 18 Are disposition authorities being implemented in accordance with appropriate dispositions? 19 Is the Mid-Cycle Review report sent to the agency records management staff for review? 20 Is the agency Records Officer signature on the Mid-Cycle Review certification document? 2
Phase 9: Retirement & Rollover 21 At the time of retirement or rollover of the system, are records preserved, retained, and fully accessible for the full retentions in accordance with appropriate dispositions? 22 At the time of retirement or rollover of the system, are temporary records destroyed in accordance with appropriate dispositions? 23 At the time of retirement or rollover of the system, are permanent records transferred to NARA in accordance with the appropriate dispositions? 3
Systems Development Life Cycle Method Product Plan Based on needs identified in BPD and approved in CPIC Includes creation points for records Phase Deliverables Concept Development Requirements Definition Preliminary Design Detail Design Development Integration & System Test To next phase Development & Acceptance Testbeds and prototypes To next Production Pilots phase Production and evolutionary releases Another Yes New Phase Phase? Planning No Retirement & Roll Over

Recommandé

IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubKaushal Trivedi
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Complianceseanpizzy
 
Example business continuity plan
Example business continuity planExample business continuity plan
Example business continuity planMicheal Axelsen
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOXMahesh Patwardhan
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001technakama
 

Recommandé

IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubKaushal Trivedi
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Complianceseanpizzy
 
Example business continuity plan
Example business continuity planExample business continuity plan
Example business continuity planMicheal Axelsen
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOXMahesh Patwardhan
 
Cobit 2019 framework by ISACA
Cobit 2019 framework by ISACACobit 2019 framework by ISACA
Cobit 2019 framework by ISACAMDFazlaRabbiAbir
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001technakama
 
A tailored enterprise architecture maturity model
A tailored enterprise architecture maturity modelA tailored enterprise architecture maturity model
A tailored enterprise architecture maturity modelPaul Sullivan
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPsJayesh Daga
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
IT General Controls
IT General ControlsIT General Controls
IT General ControlsCicero Ray Rufino
 
Agile software process
Agile software processAgile software process
Agile software processJennifer Polack
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 
ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistIvan Piskunov
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowPECB
 
03.1 general control
03.1 general control03.1 general control
03.1 general controlMulyadi Yusuf
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentationMidhun Nirmal
 
IC-ISO-27001-Checklist-10838_PDF.pdf
IC-ISO-27001-Checklist-10838_PDF.pdfIC-ISO-27001-Checklist-10838_PDF.pdf
IC-ISO-27001-Checklist-10838_PDF.pdfNapoleon NV
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
ITSM and TOGAF 9 v0 5
ITSM and TOGAF 9 v0 5ITSM and TOGAF 9 v0 5
ITSM and TOGAF 9 v0 5Salim Sheikh
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
ISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowPECB
 
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016Daljit Banger
 
CISA Training - Chapter 4 - 2016
CISA Training - Chapter 4 - 2016CISA Training - Chapter 4 - 2016
CISA Training - Chapter 4 - 2016Hafiz Sheikh Adnan Ahmed
 
Cissp Training PPT
Cissp Training PPTCissp Training PPT
Cissp Training PPTADEPT TECHNOLOGY
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
461361 1013243 chapter_2_dec__11
461361 1013243 chapter_2_dec__11461361 1013243 chapter_2_dec__11
461361 1013243 chapter_2_dec__11anup4704
 
His checklist for midsize indian hospitals
His checklist for midsize indian hospitalsHis checklist for midsize indian hospitals
His checklist for midsize indian hospitalsHIMSSIndia
 

Contenu connexe

Tendances

A tailored enterprise architecture maturity model
A tailored enterprise architecture maturity modelA tailored enterprise architecture maturity model
A tailored enterprise architecture maturity modelPaul Sullivan
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPsJayesh Daga
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdfmohammed539963
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 
ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistIvan Piskunov
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowPECB
 
03.1 general control
03.1 general control03.1 general control
03.1 general controlMulyadi Yusuf
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentationMidhun Nirmal
 
IC-ISO-27001-Checklist-10838_PDF.pdf
IC-ISO-27001-Checklist-10838_PDF.pdfIC-ISO-27001-Checklist-10838_PDF.pdf
IC-ISO-27001-Checklist-10838_PDF.pdfNapoleon NV
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study materialAnees Shaikh
 
ITSM and TOGAF 9 v0 5
ITSM and TOGAF 9 v0 5ITSM and TOGAF 9 v0 5
ITSM and TOGAF 9 v0 5Salim Sheikh
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
ISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowPECB
 
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016Daljit Banger
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 

Tendances (20)

A tailored enterprise architecture maturity model
A tailored enterprise architecture maturity modelA tailored enterprise architecture maturity model
A tailored enterprise architecture maturity model
 
ITGC audit of ERPs
ITGC audit of ERPsITGC audit of ERPs
ITGC audit of ERPs
 
cobit 2019 presentation.pdf
cobit 2019 presentation.pdfcobit 2019 presentation.pdf
cobit 2019 presentation.pdf
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
 
Agile software process
Agile software processAgile software process
Agile software process
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
 
ISO 27001 (v2013) Checklist
ISO 27001 (v2013) ChecklistISO 27001 (v2013) Checklist
ISO 27001 (v2013) Checklist
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
 
03.1 general control
03.1 general control03.1 general control
03.1 general control
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
 
IC-ISO-27001-Checklist-10838_PDF.pdf
IC-ISO-27001-Checklist-10838_PDF.pdfIC-ISO-27001-Checklist-10838_PDF.pdf
IC-ISO-27001-Checklist-10838_PDF.pdf
 
Cobit 2019 foundation study material
Cobit 2019 foundation study materialCobit 2019 foundation study material
Cobit 2019 foundation study material
 
ITSM and TOGAF 9 v0 5
ITSM and TOGAF 9 v0 5ITSM and TOGAF 9 v0 5
ITSM and TOGAF 9 v0 5
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
 
ISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to know
 
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
A Day in the Life of an Enterprise Architect (Role Play Exercise) 2016
 
CISA Training - Chapter 4 - 2016
CISA Training - Chapter 4 - 2016CISA Training - Chapter 4 - 2016
CISA Training - Chapter 4 - 2016
 
Cissp Training PPT
Cissp Training PPTCissp Training PPT
Cissp Training PPT
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 

En vedette

461361 1013243 chapter_2_dec__11
461361 1013243 chapter_2_dec__11461361 1013243 chapter_2_dec__11
461361 1013243 chapter_2_dec__11anup4704
 
His checklist for midsize indian hospitals
His checklist for midsize indian hospitalsHis checklist for midsize indian hospitals
His checklist for midsize indian hospitalsHIMSSIndia
 
Applicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit ProgramApplicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit ProgramMichael Davis
 
Tool Kit: Business Analysis product (artefact) checklist
Tool Kit: Business Analysis product (artefact) checklistTool Kit: Business Analysis product (artefact) checklist
Tool Kit: Business Analysis product (artefact) checklistdesigner DATA
 
An SDLC for SharePoint
An SDLC for SharePointAn SDLC for SharePoint
An SDLC for SharePointgvaughan
 
Audit Checklist for Information Systems
Audit Checklist for Information SystemsAudit Checklist for Information Systems
Audit Checklist for Information SystemsAhmad Tariq Bhatti
 

En vedette (6)

461361 1013243 chapter_2_dec__11
461361 1013243 chapter_2_dec__11461361 1013243 chapter_2_dec__11
461361 1013243 chapter_2_dec__11
 
His checklist for midsize indian hospitals
His checklist for midsize indian hospitalsHis checklist for midsize indian hospitals
His checklist for midsize indian hospitals
 
Applicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit ProgramApplicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit Program
 
Tool Kit: Business Analysis product (artefact) checklist
Tool Kit: Business Analysis product (artefact) checklistTool Kit: Business Analysis product (artefact) checklist
Tool Kit: Business Analysis product (artefact) checklist
 
An SDLC for SharePoint
An SDLC for SharePointAn SDLC for SharePoint
An SDLC for SharePoint
 
Audit Checklist for Information Systems
Audit Checklist for Information SystemsAudit Checklist for Information Systems
Audit Checklist for Information Systems
 

Similaire à Sdlc checklist

Pm for application development
Pm for application developmentPm for application development
Pm for application developmentAbdelrahman Serag
 
Introduction to software quality assurance by QuontraSolutions
Introduction to software quality assurance by QuontraSolutionsIntroduction to software quality assurance by QuontraSolutions
Introduction to software quality assurance by QuontraSolutionsQUONTRASOLUTIONS
 
Introduction To Software Quality Assurance
Introduction To Software Quality AssuranceIntroduction To Software Quality Assurance
Introduction To Software Quality Assuranceruth_reategui
 
Configuration management
Configuration managementConfiguration management
Configuration managementKobi Vider
 
IFRS Implementation in Canada - February 2008
IFRS Implementation in Canada - February 2008IFRS Implementation in Canada - February 2008
IFRS Implementation in Canada - February 2008Antonello Dessanti
 
Module-4 PART-2&3.ppt
Module-4 PART-2&3.pptModule-4 PART-2&3.ppt
Module-4 PART-2&3.pptSharatNaik11
 
SYSTEM DEVELOPMENT LIFE CYCLE
SYSTEM DEVELOPMENT LIFE CYCLESYSTEM DEVELOPMENT LIFE CYCLE
SYSTEM DEVELOPMENT LIFE CYCLEayushisingh190
 
Managing IT Projects
Managing IT ProjectsManaging IT Projects
Managing IT ProjectsRhys Leong
 
SDLC Process_Document.pptx
SDLC Process_Document.pptxSDLC Process_Document.pptx
SDLC Process_Document.pptxSivakumar Pola
 
3.8 development methods
3.8 development methods3.8 development methods
3.8 development methodsmrmwood
 
Rational unified process lecture-5
Rational unified process lecture-5Rational unified process lecture-5
Rational unified process lecture-5MujiAhsan
 
STLC & SDLC-ppt-1.pptx
STLC & SDLC-ppt-1.pptxSTLC & SDLC-ppt-1.pptx
STLC & SDLC-ppt-1.pptxssusere4c6aa
 
Asap methodology sap Anilkumar chowdary
Asap methodology sap Anilkumar chowdaryAsap methodology sap Anilkumar chowdary
Asap methodology sap Anilkumar chowdaryANILKUMARPULIPATI1
 
SQA - chapter 13 (Software Quality Infrastructure)
SQA - chapter 13 (Software Quality Infrastructure)SQA - chapter 13 (Software Quality Infrastructure)
SQA - chapter 13 (Software Quality Infrastructure)uma sree
 
19701759 Project Report On Railway Reservation System By Amit Mittal
19701759 Project Report On Railway Reservation System By Amit Mittal19701759 Project Report On Railway Reservation System By Amit Mittal
19701759 Project Report On Railway Reservation System By Amit MittalCourtney Esco
 

Similaire à Sdlc checklist (20)

Pm for application development
Pm for application developmentPm for application development
Pm for application development
 
Introduction to software quality assurance by QuontraSolutions
Introduction to software quality assurance by QuontraSolutionsIntroduction to software quality assurance by QuontraSolutions
Introduction to software quality assurance by QuontraSolutions
 
Introduction To Software Quality Assurance
Introduction To Software Quality AssuranceIntroduction To Software Quality Assurance
Introduction To Software Quality Assurance
 
SDLC
SDLCSDLC
SDLC
 
Configuration management
Configuration managementConfiguration management
Configuration management
 
IFRS Implementation in Canada - February 2008
IFRS Implementation in Canada - February 2008IFRS Implementation in Canada - February 2008
IFRS Implementation in Canada - February 2008
 
sop-plan-09
sop-plan-09sop-plan-09
sop-plan-09
 
Module-4 PART-2&3.ppt
Module-4 PART-2&3.pptModule-4 PART-2&3.ppt
Module-4 PART-2&3.ppt
 
SYSTEM DEVELOPMENT LIFE CYCLE
SYSTEM DEVELOPMENT LIFE CYCLESYSTEM DEVELOPMENT LIFE CYCLE
SYSTEM DEVELOPMENT LIFE CYCLE
 
Software process
Software processSoftware process
Software process
 
Managing IT Projects
Managing IT ProjectsManaging IT Projects
Managing IT Projects
 
SDLC Process_Document.pptx
SDLC Process_Document.pptxSDLC Process_Document.pptx
SDLC Process_Document.pptx
 
3.8 development methods
3.8 development methods3.8 development methods
3.8 development methods
 
Rational unified process lecture-5
Rational unified process lecture-5Rational unified process lecture-5
Rational unified process lecture-5
 
STLC & SDLC-ppt-1.pptx
STLC & SDLC-ppt-1.pptxSTLC & SDLC-ppt-1.pptx
STLC & SDLC-ppt-1.pptx
 
System requirements analysis
System requirements analysisSystem requirements analysis
System requirements analysis
 
Asap methodology sap Anilkumar chowdary
Asap methodology sap Anilkumar chowdaryAsap methodology sap Anilkumar chowdary
Asap methodology sap Anilkumar chowdary
 
Rup
RupRup
Rup
 
SQA - chapter 13 (Software Quality Infrastructure)
SQA - chapter 13 (Software Quality Infrastructure)SQA - chapter 13 (Software Quality Infrastructure)
SQA - chapter 13 (Software Quality Infrastructure)
 
19701759 Project Report On Railway Reservation System By Amit Mittal
19701759 Project Report On Railway Reservation System By Amit Mittal19701759 Project Report On Railway Reservation System By Amit Mittal
19701759 Project Report On Railway Reservation System By Amit Mittal
 

Sdlc checklist

  • 1. Systems Development Life Cycle Checklists The System Development Life Cycle (SDLC) process applies to information system development projects ensuring that all functional and user requirements and agency strategic goals and objectives are met. The SDLC provides a structured and standardized process for all phases of any system development effort. These phases track the development of a system through several development stages from feasibility analysis, system planning and concept development; to acquisition and requirements definition; design; development; integration and testing; deployment and acceptance; though deployment and production; and finally to system retirement. The Records Management (RM) Profile1 recommends that agencies embed records management requirements in the earliest stages of the SDLC. The following document is a checklist to assist agencies to integrate RM into the SDLC. The checklist identifies certain points in the SDLC process where the agency may propose to establish records management review and approval to ensure that sound RM practices are incorporated into the development of its proposed IT systems. While the attached SDLC diagram demonstrates these stages in a linear “waterfall” systems development methodology, the checklist can be used with other systems development methodologies as well, such as “spiral,” “parallel,” “rapid application development (RAD)” and “prototyping” by modifying the checklist to fit the phases of the preferred SDLC method used. The checklist provides three to five basic questions about records management and recordkeeping for each phase of the SDLC lifecycle process. The checklist questions are intended to begin a more detailed discussion with agency records managers, IT and CPIC staff, and program managers and staff that will help identify recordkeeping requirements in each phase, with a great emphasis on identifying records management requirements at the earliest stages of project planning, initiation and requirements gathering. Because individual agency SDLC processes and policies vary widely, the checklist is not designed to be used as the only checklist an agency might need, or even a “one size fits all” approach to identifying recordkeeping requirements within an individual agency’s SDLC policies. Rather, the checklist demonstrates a widely used methodology to plan and develop new IT systems that can be used as a model or template that individual agencies can revise or tailor to their own unique SDLC process, IT and systems development policies and procedures to identify their unique records management and recordkeeping requirements. For instance, some agencies use a five-step SDLC process, and others use a ten-step process, and they should revise or modify checklist to meet their specific SDLC policy and business needs. For more information please contact your agency’s records management point of contact at NARA at http://www.archives.gov/records- mgmt/appraisal/work-group-all.html. 1 Refer to Federal Enterprise Records Management Profile, Sections 4.1.1 through 4.1.6; http://www.archives.gov/records-mgmt/policy/rm-profile.html.
  • 2. Integrating RM into the SDLC # RM Integration into the SDLC Y, Comments N, NA Phase 1: Concept Development 1 Is the agency Records Officer included from the beginning in the system design process? 2 Are records identified that support the business process? 3 a. Do current record schedules apply to the new system? b. Is a new record schedule required because of changes in the records? 4 Is the agency Records Officer signature on the agency Investment Summary Proposal? Phase 2: Requirements Document 5 Are all records-related requirements identified and incorporated into the final CONOPS Report and Business Requirements Document? 6 Are new records schedules being drafted, if needed? 7 Is the agency Records Officer signature on the requirements document? Phase 3: Design 8 Are all records management requirements incorporated into the system design document? 9 Is the agency Records Officer signature on the system design document? Phase 4: Detailed Design 10 Is the agency records management staff included in project status meetings as needed? Phase 5: Development 11 Is the agency records management staff included in project status meetings as needed? 12 Are proposed records schedules submitted to the NARA? Phase 6: Integration & System Testing 13 Are records management requirements incorporated into the system? 14 Is the agency Records Officer signature on the Systems Test Report? Phase 7: Deployment & Acceptance 15 Is the agency records management staff included in project status meetings as needed? 16 Is the agency Records Officer signature on the document approving deployment of the system? Phase 8: Production 17 Is the Mid-Cycle Review complete? (Review to occur 3 years after going to production to validate records management requirements and records schedules.) 18 Are disposition authorities being implemented in accordance with appropriate dispositions? 19 Is the Mid-Cycle Review report sent to the agency records management staff for review? 20 Is the agency Records Officer signature on the Mid-Cycle Review certification document? 2
  • 3. Phase 9: Retirement & Rollover 21 At the time of retirement or rollover of the system, are records preserved, retained, and fully accessible for the full retentions in accordance with appropriate dispositions? 22 At the time of retirement or rollover of the system, are temporary records destroyed in accordance with appropriate dispositions? 23 At the time of retirement or rollover of the system, are permanent records transferred to NARA in accordance with the appropriate dispositions? 3
  • 4. Systems Development Life Cycle Method Product Plan Based on needs identified in BPD and approved in CPIC Includes creation points for records Phase Deliverables Concept Development Requirements Definition Preliminary Design Detail Design Development Integration & System Test To next phase Development & Acceptance Testbeds and prototypes To next Production Pilots phase Production and evolutionary releases Another Yes New Phase Phase? Planning No Retirement & Roll Over