The software development life cycle, or SDLC, encompasses all of the steps that an organization follows when it develops software tools or applications. Organizations that incorporate security in the SDLC benefit from products and applications that are secure by design. Those that fail to involve information security in the life cycle pay the price in the form of costly and disruptive events.
In an organization that's been around for several years or more, the SDLC is well-documented and usually includes the steps that are followed and their order, the business functions and/or individuals responsible for carrying out the steps, and information about where records are kept.
A typical SDLC model contains the following main functions:
1. Conceptual definition. This is a basic description of the new product or program being developed, so that anyone reading it can understand the proposed project.
2. Functional requirements and specifications. This is a list of requirements and specifications from a business function perspective.
3. Technical requirements and specifications. This is a detailed description of technical requirements and specifications in technical terms.
4. Design. This is where the formal detailed design of the product or program is developed.
5. Coding. The actual development of software.
6. Test. This is the formal testing phase.
7. Implementation. This is where the software or product is installed in production.