What is the system life cycle and how does in pertain to information technology security?
A. There are five basic phases to the development of a computer system: initiation, development/acquisition, implementation, operation, and disposal phase. In the initiation phase the need for a system is expressed and the purpose of the system is documented. A sensitivity assessment should be performed which looks at the information to be processed and the security it will require. During the development/acquisition phase the security requirements should be developed at the same time system planners define the requirements of the system. In the implementation phase the system’s security features should be configured, enabled, the system should be tested, installed, and the system authorized for processing. In the operation/maintenance phase the system is almost always being continuously modified by the addition of hardware and software and numerous other events. The security of the system should be documented, reviewed, risk based choices made, and re-authorized to process when major