ISSE and SLDC Linkages

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

5 hours 58 minutes
Video Transcription
welcome back to CyberRays. It's of course I'm your instructor, Brad Roads. Let's look at
ISI and SCLC linkages.
So in this lesson, we're gonna look at the process. We're gonna look at the SCLC process, and then we're gonna map them together. And this mapping is very important to you when you're studying for the exam because thes air linkages that are very useful when you're thinking about the questions you may be asked.
So remember, the ISI process is structured in six sections. You have needs requirements, architecture, design and implementation. Then if you were to draw a circle around this, you would have assessed. But I put assess here at the end to show that typically we're doing a large part of our assessment here at the end of implementation.
But the long story short here is you need to remember this
diagram. This is a good diagram to remember as you go into the exam.
The S D L C process is are cyclical process that we've talked about before, and this is where we initiate we determine what our needs and requirements are. We get here to the Bible decision, Are we going to develop or acquire. We're going to get Thio implementation where we actually do that small scale rollout
I and begin to utilize this system. And then we get into full scale production or operation and maintenance.
We're actually making sure that we are doing continuous monitoring and passing our systems. And then, of course, the last phase of the SCLC is the disposal process. And that's where we decide if we're going to dispose the commission. And then hopefully we've already initiated the replacement system for the system we're looking at here.
So I've done some mapping here. That's very important. Um, you can see three columns in this chart. You've got the ISI phases. You have the SCLC phases, and then you have the new construct from NIST Special Pub 801 60. And so it's very important toe walk across these different phases and understand what they mean
when we're doing needs in the ISI process. That's initiation and concept.
Uh, collectively, there in requirements. It's still initiation and concept between SCLC and missed 801 60.
When we get to architecture and design, that's where we double up when we have Devon acquisition and development for the two on the same thing with design, development, slash acquisition and development of what we see, they're tied to design in the S e phase implementation. We have an implementation phase in SCLC that's convenient. In the next 801 60 we have a pretty
reduction phase.
And then we get to assess and assesses, typically done, you know, uh, cyclically and collectively in the ISI phases after each phase, actually. But we put it at the end here because we do assessments and operation and maintenance and utilizing the support in 801 60. And then, of course, there isn't truly in the ISI phases
a disposal or retirement process, and so
we don't have anything there. You could see that and tie that to implementation, I suppose. But it just doesn't make any sense. And so I've mapped this chart here for you specifically. So as you study for the exam and you prepare things like raindrops and stuff like that, if you're going to sit there and write down a bunch of stuff that you
remember from the standpoint of your study processes before you actually start answering questions,
this is a good mapping to remember. Definitely want to understand how the ISI phases air linked to the system development life cycle. And then the new construct in missed 801 60.
Alright, In this module we looked again and look back at the process. We look back at the SCLC process and then we map all of those together so that you have a good study point for the SF exam.
We'll see you next time.
Up Next
Information Systems Security Engineering Professional (ISSEP)

This ISSEP course provides students with the foundational knowledge of the concentration area of the CISSP certification that includes a focus on the processes used to develop secure systems. Students will learn key concepts and skills of the five ISSEP domains.

Instructed By