2.5 Assignment: Case Study: System Life Cycle Plan
1. You and your team are in phase 2 (planning phase) of the Life Cycle and need to review
the "Acquisition (AQ)" section of the Framework. For ALL the items in the AQ
...
2.5 Assignment: Case Study: System Life Cycle Plan
1. You and your team are in phase 2 (planning phase) of the Life Cycle and need to review
the "Acquisition (AQ)" section of the Framework. For ALL the items in the AQ section
(i.e., the items that are AQ-#. #), document in priority order all the processes. Your list
should include the designation and the numbers in priority order in which you will
address each process. Describe (100 words or more) why you selected the processes in
the order you documented.
AQ-1 Prepare for security aspects of the acquisition.
1. AQ-1.1 Define the security aspects for how the acquisition will be conducted.
2. AQ-1.2 Prepare a request for a product or service that includes the security requirements.
AQ-2 ADVERTISE THE ACQUISITION AND SELECT THE SUPPLIER TO
CONFORM WITH THE SECURITY ASPECTS OF THE ACQUISITION
1. AQ-2.1 Communicate the request for a product or service to potential suppliers consistent
with security requirements.
2. AQ-2.2 Select one or more suppliers that meet the security criteria.
AQ-3 ESTABLISH AND MAINTAIN THE SECURITY ASPECTS OF AGREEMENTS
1. AQ-3.1 Develop an agreement with the supplier to satisfy the security aspects of
acquiring the product or service and supplier acceptance criteria.
2. AQ-3.2 Identify and evaluate the security impact of necessary changes to the agreement.
3. AQ-3.3 Negotiate and institute changes to the agreement with the supplier to address
identified security impacts.
AQ-4 MONITOR THE SECURITY ASPECTS OF AGREEMENTS
1. AQ-4.1 Assess the execution of the security aspects of the agreement.
2. AQ-4.2 Provide data needed by the supplier in a secure manner in order to achieve timely
resolution of issues.
AQ-5 ACCEPT THE PRODUCT OR SERVICE
Confirm that the delivered product or service complies with the security
aspects of the agreement.
2. AQ-5.2 Accept the product or service from the supplier or other party, as directed by
the security criteria in the agreement.
I chose all the Acquisition processes since they are all equally important for an organization to
implement, especially in the planning phase of the life cycle. Implementing all of the processes
will help especially with the security of the online store, who they select as their suppliers etc.
This is absolutely an important phase of the life cycle planning out everything. I will repeat again
that all of them are equally important and should be implemented for the success of the
organization and to keep the online store secure.
2. You and your team are in phase 2 (planning phase) of the Life Cycle. They need to plan
the processes in the "ORGANIZATIONAL PROJECT-ENABLING PROCESSES" section,
document in priority order only the processes you will address specifically for the
planning phase. Your list should include the designation and the numbers in priority
order in which you will manage each process. The processes you select from each
section should be merged so there is only one list with all items in priority order.
Describe (100 words or more) why you chose the processes in the order you
documented.
Life Cycle Model Management Process
1. LM-1.1 Establish policies and procedures for process management and deployment that
are consistent with the security aspects of organizational strategies.
2. LM-2.1 Monitor and analyze the security aspects of process execution across the
organization.
3. LM-3.1 Prioritize and plan for security improvement opportunities.
Infrastructure Management Process
4. IF-1.1 Define the infrastructure security requirements.
5. IF-2.2 Identify and provide security improvements or changes to the infrastructure
resources as the project requirements change.
[Show More]
