Chapter 7: Applications and Systems Development

Overview

This chapter covers the security-related elements of application/systems development and data storage. We’ll discuss the procedures, risks, and safeguards that pertain to database management and security, application controls, and the steps used in system development. As with many of the other topics covered in this book, the concepts discussed in this chapter are as deep as the big blue sea. However, every effort has been made to distill only the facts needed to achieve certification success.

In contrast to earlier chapters, much of what this chapter aims to explain is not deeply rooted in standards. Instead, several of the practices and procedures we’ll discuss here provide an outline for systems development. In other words, they offer a framework that organizations can use in their efforts to develop and secure the many systems and applications that come about. Do not be too intimidated by the vagueness of these concepts; the exam is likely to test your fundamental knowledge of the different goals and objectives presented here—not every possible combination of developmental courses of action.

By the end of this chapter, you will have a good understanding of the essential concepts of applications and systems development, with a focus on data warehousing and mining, knowledge-based systems, the systems development life cycle (SDLC), and the different computing environments that applications run in.