The Systems Development Life Cycle - Research Paper Example

? [Life Cycles, Standards, and Best Practices] Describe the systems development life cycle as itpertains to both the development of a custom application and the selection of proprietary systems. Systems development life cycle (SDLC) is basically a software development process which involves the formation or alteration of an information system. Considering specifically software engineering the SDLC concept includes several methodologies and concepts for developing these systems. Moreover the underlying procedures also involve planning and controlling the creation of an information system. Various software development approaches have been formulated which are applied individually during the software developmental process. These approaches are also termed as software development process models such as linear model, waterfall mode, V-model, incremental model, prototyping model, iterative model etc. These models are bound to follow a pre-determined life cycle for having success in their process of software development. Software life cycle models itself describes the associated phases of the software life cycle and the order in which each of its phase will be executed (Shelly & Rosenblatt, 2011). Small and Large organizations have now gained so much expertise that they develop their personalized systems for coordinating their requirements which also ensures them quality development. Development of a custom application also requires companies to formulate a thick SDLC manual which involves the basic information and rules followed while developing a particular system. Same is the case when any company makes a decision of purchasing proprietary system off the shelf from an outside vendor. They must critically evaluate their SDLC model which can easily adapt the company’s requirements otherwise management needs to limit some functionalities and designed sub-modules for handling such tasks. 2. Describe the major types and classifications of health care information standards and the specific organizations that develop and regulate these standards. Information and data standards involve major informatics constituents which are required for information flow through a specific health care information system infrastructure. For designing a health care information system certain regularized standards issued by the health care governing bodies are required to be followed. Once these are understood clinical and patient safety systems can be customized for multiple purposes for meeting the wide scope of data collection and their associated reporting requirements. New data standards have also supported effective assimilation of novel trends and discoveries into their decision support systems such as generation of an alert for having a new drug contraindication, and improvement to the care process (nap.edu, 2004). From the basic level data standards primarily involve standardization of data elements which involves defining, deciding the presentation model through designation of data types or terminologies and lastly determine how to encode a particular set of data for transmission. Some of the renowned health care data standard organizations are American Society for Testing and Materials (ASTM) responsible for architecture, storage, content, security and communication protocols for health care decision making, Current Procedural Terminology (CPT) which has intended for medical billing procedures, Digital Imaging and Communications in Medicine (DICOM) responsible for transmission of medical imaging equipment and their connectivity and many others (aspe.hhs.gov, 2013). 3. Discuss the need for, and identify methods of, accomplishing the security of information systems. The basic aim of an information system security procedure revolves around protecting the organization’s information by reducing the threat of risk and loss of confidentiality, integrity and accessibility of all that information to an agreed level. The need for having a good information security system involves risk analysis and risk management. Risk analysis involves assembling of information from every inventory for conducting a thorough research. The value of each data is categorized and the level of risk is also ascertained accordingly. Risk management is associated with selection of controls and security measures which has the ability to reduce business exposure to such inevitable risks. Once the planning phase is done the information which is relative to associated information is required to be balanced keeping in view the basic security limitations of the business (Stoneburner & Hayden, 2004). A two-tier approach is designed which offers systems audit framework the choices for having a gradual migration path from a lesser amount of complicated methodology to a very formalised and resource intensive tactic. Now the top-down approach is relatively simple and it can also assist in Supreme Audit Institutions for reaching final decisions related with security exposures of the information system under review. It provides a top-down view to the entire management exposing all security threats and then underlining recommendations. Contrary to the top-down approach a new strategy is defined which is quantitative security analysis which is related with the evaluation of threats in monetary terms which has be to very detailed and structured way including all assets and the probable threats and impacts to the information systems of the company (intosaiitaudit.org, 2010). 4. Create at least three (3) best practices for effective IT alignment and strategic planning. It is the goal of every organization to properly align their strategies and IT operational plans according to their business requirements. Information technology systems have the ability to support their chosen business strategies and then those areas can easily be transformed in order to achieve long term objectives. It is an undeniable fact the goal of having perfect alignment is not possible which is all because of the changing nature of business. Every business operates in its particular eco-system which is affected by its internal and external forces. The major players of this eco-system are economy, competitors, industry and technological tools and trends. In order to remain competitive for having differentiation it is the organization’s responsibility to adapt to the responses of any actions and activities which are taking place in the ecosystem. Companies which do not respond accordingly will lose their competitive edge and are bound to disappear (csuchico.edu, 2007). There are certain best practices which must be followed by a company for having effective IT alignment and strategic planning. The first option is to have a properly defined strategic plan which should embrace organization’s core competencies and is able to capitalize on them. For instance consider a business which is able to produce extremely efficient and streamlined low-cost products which are accepted by their customers. Moreover these products are also standardized and are available at reduced prices as compared to their competitors. Now at this point the company is only required to properly manage their continuing operations without making any major change in their prevailing system. It will be disastrous for this business to purse a strategy involving the production of high-end versions of the same product. It must always be kept in mind that strategic planning and IT alignment is not a one-time event, it is an ongoing and evolving process which cannot be stopped at a certain point. Hence the second best practice to follow is to develop readiness criteria for having a clear cut strategic planning. It requires documentation of IT capabilities by performing an internal and external SWOT, TOWS and GAP analysis (cioindex.com, 2012). The third best practice which can be followed for having effective IT alignment and strategic planning is engaging the company’s employees and co-workers in providing suggestions and their feedback which will help in aligning the company’s objectives along with strategic goals. Further it can be customized to organize objective based on its priorities, project resources and timelines for implementing the overall phenomenon. It is ascertained that business users and IT persons are involved mutually at the operational and management levels, which will ensure alliance of IT plans and operation according to the business requirements. Further these committees will also be responsible for monitoring and reporting the progress against their designed plans (jefferson-usa.com, 2010). References aspe.hhs.gov. (2013). Standards. Retrieved May 22, 2013, from U.S. Department of Health & Human Services: http://aspe.hhs.gov/sp/nhii/standards.html cioindex.com. (2012). 7 Steps to Business and IT Alignment. Retrieved May 22, 2013, from Startsmart Consulting: http://www.cioindex.com/article/articleid/18/7-steps-to-business-and-it-alignment.aspx csuchico.edu. (2007). IT Strategic Planning in the CSU. Retrieved May 22, 2013, from csuchico.edu: http://www.csuchico.edu/ires/plans/documents/strategicPlans/strategicPlanningStudy011707.pdf intosaiitaudit.org. (2010). Information System Security Review Methodology. Retrieved May 22, 2013, from EDP Audit Committee: http://www.intosaiitaudit.org/issrmeng.pdf jefferson-usa.com. (2010). Business to IT Alignment. Retrieved May 22, 2013, from Jefferson Proprietary Information: http://www.jefferson-usa.com/ver4/Business%20and%20IT%20Alignment.pdf nap.edu. (2004). Patient Safety: Achieving a New Standard for Care. Retrieved May 22, 2013, from National Academy of Sciences: http://www.nap.edu/openbook.php?record_id=10863&page=130 Shelly, G. B., & Rosenblatt, H. J. (2011). Systems Analysis and Design. New York: Cengage Learning. Stoneburner, G., & Hayden, C. (2004). Engineering Principles for Information Technology Security. Retrieved May 22, 2013, from NIST Special Publication: http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf Read More