Documenting New and Enhanced Systems

Ensuring that new and enhanced systems are adequately documented. All too often, due to budget and other resource limitations, documentation can be limited or even totally ignored. The Information Security threats become substantial - especially where changes and amendments are required, possibly at short notice for regulatory or other reasons.

To view the related Policy click      

  • When a sudden problem occurs on the system, a lack of adequate documentation can greatly increase the risk of serious mishap. 'Fixes' may be based upon staff experience and not supported by the original developer's documentation.

  • If your organisation is operating its major systems without comprehensive and up-to-date documentation, you should seriously consider initiating a project to remedy this.
  • Missing, out-dated or incomplete documentation can severely compromise the organisation's ability to maintain its software and systems.

  • All Systems Development work should be documented, i.e. as System Requirements; System Specification; System Design; System Functions etc.
  • Ensure that copies of all documentation, whether paper or electronic, are saved and placed into safe storage at the remote store.
  • Without documentation it still remains possible to perform a peer review of the source code, but its effectiveness is reduced and can allow errors and omissions to slip through, into Systems Testing and perhaps beyond, into User Acceptance Testing.

  • Always produce appropriate documentation as an integral part of the development process, not as an 'optional extra'.
Previous PageTop of this pageNext Page

Information Security Policies from US$595


Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word


Next PageUpPrevious Page