• Shopping Cart
    There are no items in your cart

S.R. CWA 15929:2009

Withdrawn

Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

BEST PRACTICES FOR THE DESIGN AND DEVELOPMENT OF CRITICAL INFORMATION SYSTEMS

Available format(s)

Hardcopy , PDF

Withdrawn date

13-05-2021

Language(s)

English

Published date

01-01-2009

€108.00
Excluding VAT

1 Foreword
2 TERMS AND DEFINITIONS
  2.1 Definition of a critical information system (CIS)
  2.2 Definition of CIS requirements
      2.2.1 General
      2.2.2 Integrity
      2.2.3 Availability
      2.2.4 Performance
      2.2.5 Capacity
      2.2.6 Security
      2.2.7 Maintainability
      2.2.8 Resilience
      2.2.9 Usability
  2.3 Additional comments and specific issues
3 GLOBAL MODEL OF CIS REQUIREMENTS
  3.1 Overview
  3.2 Basic assumptions
  3.3 Economic dimension
  3.4 Interdependencies of requirements
4 FUNDAMENTAL PRINCIPLES FOR DESIGNING AND BUILDING A CIS
  4.1 Introduction
  4.2 Identifying and agreeing upon service priorities with
      stakeholders
  4.3 Defining service continuity requirements
  4.4 Identifying and agreeing upon what should be monitored
  4.5 Setting up an iterative process
  4.6 Assuming that problems will occur during the Run phase
  4.7 Setting up a control system
  4.8 Performing risk and requirement based testing
5 BEST PRACTICES FOR DESIGNING AND DEVELOPING A CIS
  5.1 List of best practices
  5.2 Mapping practices vs. project phases
  5.3 Mapping practices vs. CIS requirements
6 ANNEX 1 - Best Practices Sheets
  6.1 BPS # CIS-01 - Modularity
  6.2 BPS # CIS-02 - Failure anticipation
  6.3 BPS # CIS-03 - Error propagation prevention
  6.4 BPS # CIS-04 - Bottleneck identification
  6.5 BPS # CIS-05 - Defensive programming
  6.6 BPS # CIS-06 - Execution time logging
  6.7 BPS # CIS-07 - Resource consumption survey
  6.8 BPS # CIS-08 - Early capacity planning
  6.9 BPS # CIS-09 - Industrialized testing
  6.10 BPS # CIS-10 - Friends and family probes
  6.11 BPS # CIS-11 - Transaction ID
  6.12 BPS # CIS-12 - Error case logging
  6.13 BPS # CIS-13 - Data timestamping
  6.14 BPS # CIS-14 - Service monitoring
  6.15 BPS # CIS-15 - Shared log service
  6.16 BPS # CIS-16 - Runtime reporting
  6.17 BPS # CIS-17 - PKI-based traceability
  6.18 BPS # CIS-18 - External security audit
  6.19 BPS # CIS-19 - Crisis management
  6.20 BPS # CIS-20 - Retention management
  6.21 BPS # CIS-21 - Failure mode analysis
  6.22 BPS # CIS-22 - Compliance with the relevant standards
7 ANNEX 2 - Life Cycle Processes
8 ANNEX 3 - References
9 ANNEX 4 (informative) - Workshop members

Describes a first level European agreement on best practices for market players to ensure quality in designing, developing, maintaining and operating critical information systems, including both applications and infrastructure.

DocumentType
Standard
Pages
75
PublisherName
National Standards Authority of Ireland
Status
Withdrawn

EN 60812:2006 Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)
ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
IEC 60812:2006 Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA)
ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
ARMA 8 : 2005 RETENTION MANAGEMENT FOR RECORDS AND INFORMATION
ISO/IEC 15288:2008 Systems and software engineering — System life cycle processes
AS/NZS 4360:2004 Risk management
ISO/IEC 16085:2006 Systems and software engineering — Life cycle processes — Risk management
ISO/IEC 12207:2008 Systems and software engineering — Software life cycle processes
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
ISO 14721:2012 Space data and information transfer systems — Open archival information system (OAIS) — Reference model
ISO 15489-1:2016 Information and documentation Records management Part 1: Concepts and principles

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.