In which of the following phases of system development life cycle (SDLC) is contingency planning most important?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
Contingency planning requirements should be considered at every phase of SDLC, but most importantly when a new IT system is being conceived.
In the initiation phase, system requirements are identified and matched to their related operational processes, allowing determination of the system's appropriate recovery priority.
Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 12)
and The Official ISC2 Guide to the CBK, Second Edition, Application Security, page 180-185
Contingency planning is the process of identifying and preparing for potential risks and unexpected events that may disrupt the normal functioning of a system or organization. It is an essential aspect of information security management and should be considered throughout the system development life cycle (SDLC).
However, contingency planning is particularly critical in the operation/maintenance phase of SDLC. This is because it is during this phase that the system is fully operational, and any disruption or downtime can result in significant losses for the organization, including financial losses, damage to reputation, and loss of data.
During the operation/maintenance phase, contingency planning involves identifying potential risks and developing strategies to mitigate those risks. This includes creating backups of critical data, implementing redundancy measures, developing disaster recovery plans, and establishing incident response procedures. These measures help to ensure that the system can quickly recover from any disruptions and continue to function effectively.
While contingency planning is important throughout the SDLC, it is during the operation/maintenance phase that it becomes most critical. This is because any disruption during this phase can have significant consequences for the organization, making it essential to have a robust contingency plan in place to minimize the impact of such disruptions.