Database and Software Development Methods and Security Models

NCU-FSB is in the process of implementing an ERP solution for administrative process integration. The solution to be implemented will cover all operations
(loans, credit cards, mortgages, IRAs, investments, and financial counseling services) along with administrative operations (human resources, finances, plant
management, procurements, and asset management, among others). To ensure that the chosen solution meets all technical and security requirements, the
CEO asked the CIO and you, as the CISO, to analyze industry solutions and recommend the criteria the solution (commercial off-the-shelf [COTS] or in-house development) must meet.
The deliverable for this assignment will be a testing checklist of all criteria that must be assessed; it can be supported by a diagram or flowchart. These
criteria will become the standards for data and application management for all applications to be updated or developed. Therefore, this will be part of the
risk-management plan that you will submit as your Signature Assignment. You will design a comprehensive checklist of all criteria to be validated during
design, development, and testing.
After you complete your checklist of database controls and applications, and development and implementation criteria, you will write your recommendations
as to the best practices to follow and observe to guarantee compliance with these proposed criteria. As part of your analysis and recommendations, present
a comparison of the waterfall model, spiral model, rapid application development, reuse model, and extreme programming as strategies for secure software
and application solutions that support the security posture of an organization.

 
