Describe the Secure Development Lifecycle process and when it is used.

As you learned in this section, the Secure Development Lifecycle is an important element for ensuring that internal systems or delivered products are safe, secure$,$ and that they do not pose any undue risk to an organization.

With that in mind, you've been tasked with implementing an enterprise program that effectively oversees the SDL process between the IT department and your team.

Your task is to develop a plan for implementing this framework and joint approach. As part of the initial evaluation and planning stage, for the first part of the project, you must evaluate the current processes being used to facilitate the SDL process. Using the SDL phases as a model, compare and contrast how each step is currently applied $($or not applied$)$ within your environment.

Walk through the five phases of the SDL and contrast how each may apply.

B

$$

Requirements Design

Implementation

Test

$.$ Release

For the second part of the project, you must offer a concrete plan of action and improvements that the organization should undertake in order to support SDL at an enterprise level.

Describe the current approach and practices supporting SDL in its current form. Use the best practices you've learned to identify potential gap areas, and offer material improvements that can help to secure systems, products, or other devices. If this process is currently non$-$existent within your environment, then lay out the key steps that should be undertaken to formally institute SDL in a sustainable and effective manner. Please be sure to address the following within your answer:

$.$

$.$

How is the SDL process currently implemented and managed within your organization?

Is it currently a formal $($or informal$)$ set of processes, procedures, or frameworks?

Is the current approach effective at securing systems and$/$or products?

Are you able to identify any gap areas within the current SDL process? What improvements or enhancements would you suggest for improving the program?