The importance of carrying out a careful risk and impact assessment in order to safeguard the security of the information and the data privacy.
In order to reduce as much as possible the vulnerabilities and programming errors that can affect not only the quality of the product itself but can also be exploited to launch increasingly sophisticated and growing computer attacks, it’s necessary to guarantee the protection parameters of computer security in terms of integrity, confidentiality and authentication both for the code of an application and for data management. Therefore, it’s essential to carry out a careful risk and impact assessment in order to safeguard the security of the information and the data privacy.
The project must be planned, following a common denominator for the whole software life cycle, to ensure the security requirements for the data, functions and programming language.
The reference model used in this discussion is, for simplicity’s sake, sequential, in which only after completing one phase does one move on to the next. However, it could be envisaged, for greater efficiency and flexibility, to revise and correct the various phases:
- requirements study and analysis;
- designing;
- implementation and system check;
- distribution and maintenance.
