Add to collection(s) Add to saved
  1. Business
  2. Management
  3. Project Management

U H S

advertisement 
UNIVERSITY OF HOUSTON SYSTEM
ADMINISTRATIVE MEMORANDUM
SECTION:
Information Technology
AREA:
Software
SUBJECT:
System Development Life-Cycle
1.
07.B.01
PURPOSE
1.1.
2.
NUMBER:
The purpose of this administrative memorandum is to establish a software
development life-cycle (SDLC) policy to control and manage activities
(management, engineering and assurance) which produce software products as
authorized by the University of Houston System through development or
modification. The objective is to imbed a control architecture that ensures
software products conform to computer and communications requirements,
standards and procedures defined by each component university.
POLICY
2.1.
All software product development or modification authorized by the University of
Houston System will be subject to an implementation flow, chronologically, to a
state of readiness for operational use consistent with Information Systems Audit
and Control Association guidelines as published in Governance, Control and
Audit for Information and Related Technology (COBIT www.isaca.org).
according to the following phases:
Relevant COBIT framework processes for a selected SDLC include:
PO8—Ensure Compliance with External Requirements
PO10—Manage Projects
PO11—Manage Quality
AI1—Identify Automated Solutions
AI2—Acquire and Maintain Application Software
AI3—Acquire and Maintain Technology Infrastructure
AI4—Develop and Maintain Procedures
AI5—Install and Accredit Systems
November 17, 1994; Draft September 1, 2009
Page 1 of 4
AM No. 07.B.01
AI6—Manage Changes
DS1—Define and Manage Service Levels
DS2—Manage Third-party Services
DS3—Manage Performance and Capacity
DS4—Ensure Continuous Service
DS5—Ensure Systems Security
DS7—Educate and Train Users
Concept and Initiation
Requirements
Architectural Design
Detailed Design
Implementation
Integration & Test
Acceptance & Delivery
Sustaining Engineering & Operations
2.2.
Throughout the SDLC, measures shall be taken to protect information assets
against unauthorized access, disclosure, modification or destruction, whether
accidental or deliberate, as well as to assure the availability, integrity, utility,
authenticity and confidentiality of information in accordance with Texas
Administrative code (TAC) 202. Each phase in the cycle will conclude with a
corresponding formal transition review:
Software Concept Review
Software Requirements Review
Preliminary Design Review
Critical Design Review
Functional Configuration Audit
November 17, 1994; Draft September 1, 2009
Page 2 of 4
AM No. 07.B.01
Test Readiness Review
Software Acceptance Review
The transition review will be conducted by the product provider (the organization
delivering the software capability) to report and document the set of activities
executed in each phase. The report documentation will become the basis for the
product acquirer's (the organization obtaining the software capability) approval.
The approval, in turn, becomes the authority for the product provider to proceed
to the succeeding phase.
2.3.
Throughout the SDLC, measures shall be taken to comply with accessibility
standards for institutions of higher education as described in the Texas
Administrative Code (TAC) 213.Life-Cycle phase transition will be authorized
only when agreement between the product acquirer and product provider defines a
corresponding baseline for continuance:
Management Baseline
Allocated Baseline
Design Baseline
Code Baseline
Integrated Baseline
Accepted Baseline
3.
2.4.
Selecting and adapting from the many SDLC frameworks in use is the
responsibility of program/project management and shall be determined on a
program/project basis.The baseline agreement will be documented by signature
approval, by the product acquirer, of all required documentation for the LifeCycle phase.
2.5.
Customization and use of this Life-cycle is the responsibility of program/project
management and is to be determined on a program/project basis.
REVIEW AND RESPONSIBILITY
Responsible Party: Associate Vice Chancellor for Administration and
FinanceInformation Technology and Chief Information Officer
Review:
in 1995
Every two years, on or before September December 1, beginning
November 17, 1994; Draft September 1, 2009
Page 3 of 4
AM No. 07.B.01
4.
APPROVAL
Approved:
Executive Vice Chancellor for Administration and Finance
Alexander Schilt
Chancellor
Date:
5.
November 17, 1994
INDEXING TERMS
Life-Cycle
Computer software
November 17, 1994; Draft September 1, 2009
Page 4 of 4
Related documents
Document14650034 14650034
Document14650034 14650034
Psychology 328 Outline of Self
Psychology 328 Outline of Self
College of computer technology Information network department Introduction to database
College of computer technology Information network department Introduction to database
project plan
project plan
IT2042-INFORMATION-SECURITY-SYS
IT2042-INFORMATION-SECURITY-SYS
U H S
U H S
Download
advertisement