
SDLC Descriptions and NIST Standards that apply

March 6, 2012

SDLC Activity and supporting NIST publications

  • NIST SP 800-64

Project Initiation – Security Planning

  • SP 800-64
  • SP 800-100
  • SP 800-37
  • SP 800-53

Categorize Security for the System

  • SP 800-60
  • FIPS 199

Assess Risk to a System

  • SP 800-30

Analyze Risk Requirements

  • SP 800-53

Assess Business Impact

  • SP 800-34

Assess Policy Considerations

  • SP 800-37

Secure Information System Development

  • SP 800-64
  • SP 800-16

Design Security Architecture

  • SP 800-30

Develop Security Documentation

  • SP 800-18

Conduct Developmental, Functional and Security Testing

  • FIPS 140-2, SCAP

Create Detailed Plan for Certification and Accreditation (C&A)

  • SP 800-37

www.bestitdocuments.com