Publisher's Synopsis
This text provides guidance on the systematic consideration of security issues during the development of information systems. The approach outlined in this volume involves the combined use of two CCTA methods - the PRINCE project management method and the risk analysis and management method CRAMM. CRAMM provides a means of identifying and assessing the security requirement of an information system whilst PRINCE provides a framework for the disciplined application of CRAMM.