|
IEEE P1074-2005 Roadmap for Optimzing Security in the System and Software Life Cycle |
|
|
IEEE P1074-2005 will ballot this year, offering key information assurance guidance that enables the appropriate prioritization of security on projects and the building of the appropriate level of security controls into products. This white paper provides an overview of those changes, describes the investigative journey the revision team took to arrive at these changes, and compares the beneifts of the revised standard against other process and information assurance related standards.
IEEE P1074-2005 is unique:
- It is a timely, agressive response to compelling business need stressing a Defense in Depth approach
- It is the first effort to formallly adapt Common Critieria principles and assets for direct use in the engineering process
- It is the first effort to comprehensively address information assurance in an IEEE process standard
- It is the only standard suggesting specific guidance for security on projects
Revisions to this general process standard demonstrate that for most organizations, simply adjusting their current project processes can have a tremendously positive effect on managing enterprise security risk.
|
|
Last Updated ( Monday, 18 July 2005 )
|
