System Development Life Cycle (SDLC) - GRC Playbook

This library of Information Technology (IT) Playbooks provides a set of fully loaded and editable templates that represent the core of what is generally required by management (including process owners), boards of directors and their audit committees, as well as internal and external auditors of relevant organizations, to document, assess, test, report and oversee the design and operating effectiveness of the typical key internal controls on which management is reliant to maintain compliance with IT Security regulatory requirements. They are drawn from a range of authoritative sources including the Committee of Sponsoring Organizations (COSO) and the American Institute of Certified Public Accountants (AICPA).

Download the Playbook

Unlock a wealth of information.

What is the System Development Life Cycle (SDLC) Playbook?

The Systems Development Life Cycle Playbook addresses the following areas:

Strategy / Project Governance
Change Management
System Design and Configuration
Data Conversion
Testing, and
Application Security and Segregation of Duties

Policy Document Template

These templates are designed to be a starting point for your clients, which can be tailored for your client's specific organizational needs.

Overview Flow Charts

A diagrammatic representation of the flow of assessment activities within your playbook.

Instructions

Our instructions for use. These are the same for all our playbooks, once you know how to use one, you can use them all.

Tutorial

A PowerPoint tutorial on the specific playbook, covering the most important aspects of this area of assessment.

General Control Activities over Technology (ITGC)

Information Technology Application Controls (ITAC)

System Development Life Cycle (SDLC)

Based on Authoritative Sources