You are to develop a Plan for implementing the Software Security Best Practices/Touchpoints into the Software Development Lifecycle (SDLC).

You are to develop a detailed report and prepare a PowerPoint Presentation (.ppt) that summarizes your Software Assurance Adoption and Implementation Plan. Your plan should cover in detail the following topics and implementation components. Your implementation plan should use the Waterfall SDLC as described in McGraw’s book, Software Security: Building Security In.

These include, but are NOT limited to:

  1. Plan Objectives – What will the Software Assurance Plan accomplish?
  2. Describe your “Vision” as it pertains to your Software Assurance Adoption and Implementation Plan
  3. Why should Management or the Business really care? Why Change? Is it really “broken”?
  4. Summarize the Business Challenges to be overcome and Benefits that will be realized by executing your plan (SUMMARY – “Bullets”)
  5. Executive summary of the plan
  6. Project Team Resources – Staffing requirements
  7. HIGH level summary descriptions of the tasks and initiatives to complete the plan
  8. Critical factors and Challenges, “Pitfalls”
  9. Estimated Timeline
  10. Define the current SDLC (I suggest that the Waterfall as defined by McGraw is easy and straightforward. You may choose any SDLC of your choice; Scrum, Other.)
  11. Define and show/model/illustrate the new or proposed SDLC
  12. Identify the changes or enhancements to the old/current SDLC
  13. Implementation Process and Steps (Detailed) – An Actionable Plan to implement the proposed Software Assurance enhancements
  14. How (Specific Actions) will you overcome the challenges and pitfalls of adopting and implementing Software Assurance into an SDLC?
  15. How (Specific Actions) will you gain organizational and stakeholder acceptance?
  16. How will you minimize the risk of implementation and acceptance failure(s)?
  17. Identify step-by-step initiatives for each phase of your plan
  18. How you will implement each Best Practice and at what stage of the SDLC
  19. Deliverables and Artifacts that will result from each Step/Initiative
  20. Gantt Chart(s); serial, overlapping or in parallel initiatives?
  21. Rollout plan
  22. Measurement and Metrics
  23. What are measurement and metrics?
  24. How are you going to measure, manage and monitor success/failure of your implementation plan?
  25. Define your Continuous Plan Improvement process (Feedback Loop)
  26. What is your plan to perform Software Assurance on existing deployed, sold, production, and installed software?
  27. Projected outcomes?


This assignment is an extension of, and follow-on to, assignment no. 5, which was a presentation to get initial acceptance to initiate a detailed plan to adopt and implement Software Assurance Best Practices into the SDLC process.

Assignment Request:

  • We will pair off into three (3) Teams as assigned in assignment, the predecessor to this assignment
  • You will present your Plan in class on Tuesday, December 20th as a Team with equal participation of each Team Member

Due Date:

  1. Monday, December 10th, 2012: Submit your detailed Adoption and Implementation Plan (.doc) and Executive Summary Presentation (.ppt)