Recommendations for data and application control best practices to control risks

NCU-FSB is in the process of implementing an ERP solution for  administrative process integration. The solution to be implemented will  cover all operations (loans, credit cards, mortgages, IRAs, investments,  and financial counseling services) with administrative operations  (human resources, finances, plant management, procurements, and asset  management, among others). To ensure that a chosen solution meets all  technical and security requirements, the CEO asked the CIO and you as  the CISO to analyze industry solutions and recommend the control  criteria every solution to be developed, either commercial off-the-shelf  (COTS) or in-house development must meet.

Instructions:

For this assignment, you must develop a diagram and a technical  paper, in which you design a control model for secure development.

Your paper should contain the following:

• Model with a checklist, outline, or flowchart of all the control  elements needed to review at the time of performing a database or  application for testing.
• Checklist must be useful for either for usability testing,  certifying completeness and compliance as part of the accreditation  process.
• Checklist should contain the criteria to be validated during design,  development, and testing. The criteria will eventually become the  standards for data and application management for all applications to be  updated or developed.
• Recommendations for data and application control best practices to control risks
• Comparison of the waterfall model, spiral model, rapid application  development, reuse model, and extreme programming, as strategies for  secure software best practices.

Length: 7 page technical paper and include a minimum of 5 scholarly articles not more than 5 years

The completed assignment should demonstrate thoughtful consideration  of the ideas and concepts presented in the course and provide new  thoughts and insights relating directly to this topic. Your response  should reflect scholarly writing and current APA standards. Include a plagiarism report.