How to navigate the software development life cycle (SDLC) under the GDPR - Jan 24, 2017
Inventory of 16 areas of pertinent GDPR Recitals and Articles that influence the SDLC’s Functional and Technical Planning and Requirements for IT departments
Článek najdete na portálu iapp.com na adrese: http://tinyurl.com/ydgph47t
Cituji z textu článku:
"In addition to the location of data, the GDPR deeply and significantly impacts the software development life cycle and corresponding IT-development processes for organizations that plan to rollout information systems’ projects within the EU.
But generally, we find the following common IT systems’ modules in most technologies that we use today
- The data transport and security layers
- The database and data architecture layers
- The application and logic layers; and
- The presentation and portal layers.
The SDLC, whichever type is used, manages and controls the information technology project, from planning to rollout, across these different layers or modules."
"Here is an inventory of 16 areas of pertinent GDPR Recitals and Articles that influence the SDLC’s Functional and Technical Planning and Requirements for IT departments. This list will be helpful to general counsels, CIOs and leaders of IT as they compile their system’s requirements for their EU groups.
One thing is certain; each of the above 16 points will have a place in the SDLC’s functional and technical design documentation for systems, and each will add some complexity to the overall system’s planning and design phases. In addition, many will impact the company’s overall customer support processes, as well, as the GDPR not only demands certain "pure" technical requirements but also business-functional requirements that are supported by both technology and business process."
Cituji ze závěru článku:
"The GDPR’s text contains both explicit and implicit systems’ functional and technical requirements that both affect and influence the SDLC of organizations that plan on rolling out systems into the EU. The impact of the GDPR on the software development begins at the data architecture and data transport layers and progresses well up into the portal and presentation layers. The underlying key to IT development success is planning for these requirements during the initial SDLC phases; while they may add some complexity during the SDLC initial planning and design phases, the overall development costs will be greatly minimized if considered as early as possible in IT systems’ build process."