The institution establishes a systematic and standardized framework for developing and managing its software applications throughout their life cycle, including requirements, design, the build, deployment, operation and optimization.
Guideline code
ICT_01500
Mechanism
Mechanism
- The ICT unit, with the assistance of specialized units, should establish a systematic and standardized framework for developing and managing software applications throughout their life cycle, including requirements, design, the build, deployment, operation and optimization. This includes software development methodologies, software project management methodologies and a software quality model.
- The application of the framework for developing and managing software applications should follow an institutional roadmap for project development, which should be agreed at the highest governance level and updated annually.
- The application of the software development methodology should rigorously follow all its defined milestones. This can be achieved through an operative model that enforces this, as well as, ideally, through connection to the quality model.
- A specialized unit (independent from the software development unit) should control the application of the framework on software application management. The institution’s quality department or an external entity should carry out periodic audits.
Parent
Structure
Structure
- The board, with the assistance of the management and the ICT unit, should adopt a systematic and standardized framework for developing and managing software applications throughout their life cycle, including methodologies and a quality model.
- The ICT management (or the related organizational structure reporting to the management) should be responsible for application of the framework and for controlling compliance of the standards involved.
- The scope of the framework should include all the institution’s departments in which software development and application management activities are carried out (e.g. requirement specification, incident management, change management), and:
- External services that carry out these activities on behalf of the institution (e.g. under software development contracts) should apply the framework in developing and managing software applications;
- The contracts administration office should include the framework in requests for proposals (RFPs), contract documents and service level agreements.
- The framework for developing and managing software applications should follow national regulations for public administration.
- The framework should follow the institution’s governance frameworks, and be based on international standards and practices (e.g. CMMI; ISO/IEC 9126, 15504 and 20000; ITIL v3–Service Operation).
Title HTML
Guideline 10. Software development and application management
Type
Guideline_1
Weight
18