Translate business requirements into a high-level design specification for software acquisition, taking into account the organization’s technological direction and information architecture. Have the design specifications approved by management to ensure that the high-level design responds to the requirements. Reassess when significant technical or logical discrepancies occur during development or maintenance.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

Prepare detailed design and technical software application requirements. Define the criteria for acceptance of the requirements. Have the requirements approved to ensure that they correspond to the high-level design. Perform reassessment when significant technical or logical discrepancies occur during development or maintenance.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

Implement business controls, where appropriate, into automated application controls such that processing is accurate, complete, timely, authorized and auditable.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

Address application security and availability requirements in response to identified risks and in line with the organization’s data classification, information architecture, information security architecture and risk tolerance.

Configure and implement acquired application software to meet business objectives.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

In the event of major changes to existing systems that result in significant change in current designs and/or functionality, follow a similar development process as that used for the development of new systems.

Ensure that automated functionality is developed in accordance with design specifications, development and documentation standards, QA requirements, and approval standards. Ensure that all legal and contractual aspects are identified and addressed for application software developed by third parties.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

Develop, resource and execute a software QA plan to obtain the quality specified in the requirements definition and the organization’s quality policies and procedures.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

Track the status of individual requirements (including all rejected requirements) during the design, development and implementation, and approve changes to requirements through an established change management process.

There are no PSGs published for this topic; however, the topic is under review for future PSGs

Develop a strategy and plan for the maintenance of software applications.

There are no PSGs published for this topic; however, the topic is under review for future PSGs