You are to develop a Plan for implementing the Software Security Best Practices/Touchpoints into the Software Development Lifecycle (SDLC).
You are to develop a detailed report and prepare a PowerPoint Presentation (.ppt) that summarizes your Software Assurance Adoption and Implementation Plan. Your plan should cover in detail the following topics and implementation components. Your implementation plan should use the Waterfall SDLC as described in McGraw’s book, Software Security: Building Security In.
These include, but are NOT limited to:
- Plan Objectives – What will the Software Assurance Plan accomplish?
- Describe your “Vision” as it pertains to your Software Assurance Adoption and Implementation Plan
- Why should Management or the Business really care? Why Change? Is it really “broken”?
- Summarize the Business Challenges to be overcome and Benefits that will be realized by executing your plan (SUMMARY – “Bullets”)
- Executive summary of the plan
- Project Team Resources – Staffing requirements
- HIGH level summary descriptions of the tasks and initiatives to complete the plan
- Critical factors and Challenges, “Pitfalls”
- Estimated Timeline
- Define the current SDLC (I suggest the Waterfall as defined by McGraw, which is easy and straightforward. You may choose any SDLC of your choice; Scrum, Other.)
- Define and show/model/illustrate the new or proposed SDLC
- Identify the changes or enhancements to the old/current SDLC
- Implementation Process and Steps (Detailed) – An Actionable Plan to implement the proposed Software Assurance enhancements
- How (Specific Actions) will you overcome the challenges and pitfalls of adopting and implementing Software Assurance into an SDLC?
- How (Specific Actions) will you gain organizational and stakeholder acceptance?
- How will you minimize the risk of implementation and acceptance failure(s)?
- Identify step-by-step initiatives for each phase of your plan
- How you will implement each Best Practice and at what stage of the SDLC
- Deliverables and Artifacts that will result from each Step/Initiative
- Gantt Chart(s); serial, overlapping or in parallel initiatives?
- Rollout plan
- Measurement and Metrics
- What are measurements and metrics?
- How are you going to measure, manage and monitor success/failure of your implementation plan?
- Define your Continuous Plan Improvement process (Feedback Loop)
- What is your plan to perform Software Assurance on existing deployed, sold, production, and installed software?
- Projected outcomes?
Background:
This assignment is an extension of, and follow-on to, assignment no. 5, which was a presentation to get initial acceptance to initiate a detailed plan to adopt and implement Software Assurance Best Practices into the SDLC process.
Assignment Request:
- We will pair off into three (3) Teams as assigned in assignment, the predecessor to this assignment
- You will present your Plan in class on Tuesday, December 20th as a Team with equal participation of each Team Member
Due Date:
- Monday, December 10th, 2012: Submit your detailed Adoption and Implementation Plan (.doc) and Executive Summary Presentation (.ppt)