Compare and Contrast Software Development Methodologies

There are 2 deliverables for this project.

1. Develop and submit a one page matrix – STEP 8
2. Two page white paper- STEP 10
3. Two page memorandum- STEP 12
4. Develop an email communication- STEP 13

Please Give Headings for all sections!

Step 7: Compare and Contrast Software Development Methodologies

Now that you have completed your research on the SDLC, you are going to look into how to develop the software your organization needs.

You decide to consider various software development methodologies. Compare and contrast open source, commercial, and internally developed software methodologies, noting what cybersecurity issues each addresses.

Open source software platforms are widely used and supported, and benefit from communities of creative and innovate thinkers. Learn about the open source development community (accountability and self-policing, development criteria, “ownership”) and the pros and cons of adopting open source platforms for corporate use.

You will use this information to develop your software development matrix.

Step 8: Software Development Matrix

Develop and submit a one-page matrix that compares and contrasts open source, commercial, and internally developed software development methodologies. Discuss the pros and cons of each to help inform your final recommendation. Consider cost, software assurance needs and expectations, software assurance objectives, and a software assurance coding and development plan.

Submit the matrix for feedback.

Step 9: Evaluate Software Maintenance

Whether you are developing or purchasing software, the key to successful software installation and use is a maintenance plan that ensures updates are implemented in a timely manner and that guards against improper uses which could jeopardize the integrity of the software. Using key tenets of the maintenance elements of the SLDC, develop a software maintenance plan. In preparation for the development of your maintenance plan, you will need to do the following:

• Describe the software, the features, and the security improvements.
• Develop a schedule to implement the recommended software.
• Identify potential impacts to mission, risks, and likelihood of success.

Step 10: Software Maintenance Plan

Using your findings from Step 9, develop and submit a two-page white paper for distribution to the team that will be responsible for implementing the plan. This white paper should do the following:

• Describe the software features.
• Describe the expected impacts on the mission.
• Include the implementation schedule.

Submit the white paper to your instructor for review.

Step 11: Weigh Software Options

You are finally ready to write your recommendation memo. Before you begin, look over your research one more time and evaluate your findings. Identify the software options to consider along with the associated costs and risks of those options. Your options should include procurement, development, and open source.

Step 12: Software Recommendation Memo

Now that you have weighed the software options in Step 11, write your memo recommending an approach to software acquisition for the organization. Address it to procurement, with coordination through the chief information officer. This memo will educate leadership on the importance of making the right software decisions for the organization, so the memo will describe the software development life cycle (SDLC) and its applicability to the current needs of your organization. The two-page memorandum should accomplish the following:

• Articulate the software needs of the organization.
• Identify the software options that best meet the organization’s needs.
• Make a recommendation for your organization supported by a rationale.
• Describe the key attributes of the software development life cycle (SDLC).
• Describe the weaknesses of commonly used software (word processing, spreadsheets, email platforms).
• Identify any known risks of your recommendation and describe supply chain risk management your organization could implement.
• Detail the costs involved in your recommendation.
• Cite contract language that would be used to ensure that supply chain, system, network, and operational security were met.

Submit the memo to your instructor for review.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

• 6.1: Analyze secure software development methodologies and describe the cybersecurity issues that each methodology addresses.
• 6.4: Explain systems life cycle management concepts used to plan, develop, implement, operate, and maintain information systems.
• 9.4: Demonstrate secure principles, methods, and tools used in the software development life cycle.
• 9.5: Describe the cybersecurity implications related to procurement and supply chain risk management.

Step 13: Implement Software Purchase

Assuming that the CEO approves your recommendation, you will be tasked with implementing the software development. The new software will result in some changes for the accounting department, and you need to alert them to what they can expect, and what you as the CISO expect of them in order to keep the information and networks of your organization secure.

• Identify the change management and patch management (software maintenance) required for the solutions you have recommended. Include behavioral changes as well as technical changes.
• Develop an email communication from you to the workforce that alerts the workforce to the coming changes, explains the rationale for them, and tells them what they should expect as the new solutions are being implemented. Give them any information on potential work disruptions and also provide steps they should take to report issues or to get assistance during the transition.

Submit the email for review.