System Development Lifecycle Model

Michael Herrera

IT Risk Management is a subset of overall Risk Management because the IT systems must enable the company to achieve its objectives in a secure and cost-effective manner. IT Risk Management ideally is incorporated completely into a company’s System Development Lifecycle (SDLC) activities, which has fives (5) phases:

1)      Analysis/Requirements

2)      Design/Acquisition

3)      Development/Implementation

4)      Integration and Testing/Operations or Maintenance

5)      Disposal

In some cases, a system may be in several stages simultaneously. Regardless of the phase, the methodology for Risk Management is the same. The phases and phase characteristics of the SDLC track closely with overall Risk Management and Business Continuity/Disaster Recovery planning activities.

About
Michael Herrera is the Chief Executive Officer (CEO) of MHA. In his role, Michael provides global leadership to the entire set of industry practices and horizontal capabilities within MHA. Under his leadership, MHA has become a leading provider of Business Continuity and Disaster Recovery services to organizations on a global level. He is also the founder of BCMMETRICS, a leading cloud based tool designed to assess business continuity compliance and residual risk. Michael is a well-known and sought after speaker on Business Continuity issues at local and national contingency planner chapter meetings and conferences. Prior to founding MHA, he was a Regional VP for Bank of America, where he was responsible for Business Continuity across the southwest region.