When auditing the Software Development Life Cycle (SDLC) which of the following is one of the high-level audit phases?
When auditing the Software Development Life Cycle (SDLC) which of the following is one of the high-level audit phases?
When auditing the Software Development Life Cycle (SDLC), one of the high-level audit phases is Planning. During the audit of the SDLC, the planning phase is critical as it involves defining the scope and objectives of the audit, identifying key stakeholders, establishing audit criteria and methodologies, and developing an overall audit plan. This phase sets the groundwork for the subsequent stages of the audit by understanding the organization's SDLC processes and determining the areas to be audited and the audit approach. Thus, Planning is considered a high-level audit phase.
I am thinking "D" - I don't like this question. DLC Phases The entire SDLC process divided into the following SDLC steps: Phase 1: Requirement collection and analysis Phase 2: Feasibility study Phase 3: Design Phase 4: Coding Phase 5: Testing Phase 6: Installation/Deployment Phase 7: Maintenance The requirement is the first stage in the SDLC process. It is conducted by the senior team members with inputs from all the stakeholders and domain experts in the industry. Planning for the quality assurance requirements and recognization of the risks involved is also done at this stage. This stage gives a clearer picture of the scope of the entire project and the anticipated issues, opportunities, and directives which triggered the project. Requirements Gathering stage need teams to get detailed and precise requirements. This helps companies to finalize the necessary timeline to finish the work of that system. https://www.guru99.com/software-development-life-cycle-tutorial.html#3
A is correct.
Read the question again
Planning is an audit phase
It is ABSOLUTELY D: Official CISSP CBK (6th edition): Software Development Auditing phases: - Requirements phase - Requirements phase - Implementation phase - Verification phase - Operation and maintenance phase
D is correct
When auditing the Software Development Life Cycle (SDLC), one of the high-level audit phases is option A: Planning. The auditing process for the Software Development Life Cycle typically involves several phases or stages to assess the effectiveness, compliance, and controls implemented within the SDLC. These phases may vary depending on the specific auditing methodology or framework used. However, the planning phase is generally one of the primary and initial phases of the audit process. During the planning phase, the auditor defines the scope and objectives of the audit, identifies key stakeholders, establishes audit criteria and methodologies, and develops an overall audit plan. This phase involves understanding the organization's SDLC processes, identifying the areas to be audited, and determining the audit approach and resources required.
A. Planning Planning phase also includes requirements, a wish list of the stakeholders/senior management and experts, which at this point the audit will gather all items the will audit as SDLC moves from one phase to the next.
The answer is A (Planning). The option D (Requirements) is incorrect because the requirements is not a phase of an AUDIT process.
I think it's Planning. The correct answer is A The 5 SDLC Phases: Planning Designing Developing Testing Maintenance
We are looking for an audit phase, not an SDLC step.
1 The answer is B. Risk assessment. Risk assessment is one of the high-level audit phases when auditing the Software Development Life Cycle (SDLC). During the risk assessment phase, the auditor will identify and assess the risks to the SDLC, including security risks. The auditor will then develop recommendations to mitigate these risks. The other options are not high-level audit phases. Planning is the process of developing an audit plan, which includes the scope, objectives, and methodology of the audit. Due diligence is a process of conducting an investigation to determine the accuracy and completeness of information. Requirements are the specifications for a software system, including the functional and non-functional requirements. Therefore, the correct answer is B. Risk assessment.
The question is - which of the following is a high level audit phase? So Due Diligence appears to be high-level. So the given answer probably correct but would like to confirm this.
D. documentation supports D as the correct answer.
D is correct. Read page 767 of the Official CISSP CBK Reference, (6th editon).
Answer: Planning GENERAL SDLC AUDIT PROCEDURE: plan/prepare, describe process, evaluate/report, followup Slide 17 https://s3.amazonaws.com/kajabi-storefronts-production/file-uploads/sites/69255/themes/2154025622/downloads/50fa5a8-d4c-27cf-08cb-023ecccc54e3_Monica_Chis-SDLC-AUDIT-AUGUST-9.pdf
A/D are the same meaning, Planning is part of requirement. Answer is C because its part of Due diligence in auditing process
A - Plan is the only one listed - https://aws.amazon.com/what-is/sdlc/#:~:text=The%20software%20development%20lifecycle%20(SDLC,expectations%20during%20production%20and%20beyond.
Every option is under the due diligence
"A" Question is for "Audit phases" not SDLC steps: Phase 1: Requirement collection and analysis Phase 2: Feasibility study Phase 3: Design Phase 4: Coding Phase 5: Testing Phase 6: Installation/Deployment Phase 7: Maintenance