Introduction To The SDLC

Welcome to the
Introduction to the
SDLC
Training Course
Course Information:
• The top banner of the course contains information to help determine course progression.
• There are 4 Knowledge Checks inserted into the course. They can be used to help
determine if the student is grasping key concepts along the way. A final assessment is
at the end of the course.
• The course will take about 1 hour to complete.
Version: 8.0
Last Updated: 17-Feb-2011 1
Course Goals and Objectives
The goal of this course is to provide an introduction to the Software Development Life
Cycle (SDLC) process framework.
Upon completing of this course, the student will be able to:

• Recognize that the SDLC framework is required for all software-impacting projects in
Dell IT*
• Explain the story of the SDLC against the context of industry best practices
®
• Describe the 5-phase Microsoft Solutions Framework (MSF) and mapping of the SDLC
against that framework
• Recall how the SDLC helps fulfill corporate policies and standards
• Describe the SDLC’s process architecture and all the elements that comprise the SDLC
• Recommend a suggestion to improve the SDLC with an understanding of the SDLC
governance model
The course does not cover details about specific deliverables or activities. That information
is available on the SDLC site and would be made available via other training materials.
* Other organizations outside of Dell IT have adopted, or plan to adopt, the SDLC as their standard set of development processes. This
training is applicable to those organizations with some subtle differences that would be addressed in different training formats or forums.
2
Course Outline
Module 1
The Story of the SDLC
Module 2
The Process Architecture
Module 3
Compliance and Corporate Governance
Module 4
Continuous Improvement
3
Compliance
The Story of The Process Continuous
and Corporate
the SDLC Architecture Improvement
Governance
Introduction – Characteristics – Foundation – Value – Boundaries
• SDLC is a generic, industry term which is used to refer to a collection of

software process assets (or a process asset library) that together form a
framework which can be used to execute a software development project.
Software Development Life Cycle
• We’ve taken the generic “SDLC” term and practically applied it to refer to
the Dell IT Software Development Process. The SDLC website houses
the process asset library.
http://intranet.dell.com/dept/sdlc
4
Compliance
and Corporate
Governance
The SDLC…
 Is the standard set of development processes that
enables compliance with company policies and other
business and legal requirements.
 Is a library of resources and tools that enables
delivery of software development projects which
comprises:
– Activities – Standards
– Roles – Work Aids
– Deliverables – Training Materials
 Is organized in a user-friendly framework for use by
all segments, regions, and business partners.
 Is a continuous process improvement initiative and
is continually refined based on feedback received from
project teams, management, and business partners.
5
Compliance
and Corporate
Governance
• The SDLC has evolved from previous internal process improvement

initiatives (i.e., Horizon).
• The SDLC is based primarily on the best practices of the CMMI® for
Development (CMMI-DEV), as published and maintained by the Software
Engineering Institute at Carnegie Mellon University. The CMMI-DEV is the
industry standard process improvement maturity model for the development
of products and services.
• The SDLC also incorporates best practices from other process models to
help ensure a complete set of industry-tested processes is available for the
development of software solutions.
6
Compliance
and Corporate
Governance
Studies have shown that the following benefits can be gained from the
consistent use of standard processes:
• Increased Productivity/Reduced Duplication: Project teams that cross
segments and regions don’t have to waste precious project time reconciling
and negotiating through process, template, and tool differences.
• Best Practice Sharing: A single process architecture and team focused on
keeping the content fresh and updated allows us to quickly and more
efficiently take advantage of best practices discovered both internally and
externally, in the software engineering industry.
• Reduce Effort Associated with Reacting to Audit or Regulatory Issues:
A single process architecture used worldwide reduces the amount of effort
needed for us to react to audit and regulatory issues.
7
Compliance
and Corporate
Governance
Below are some benefits that other companies experienced as a result of

standardizing its IT processes.
Category Benefits Company

Cost 33% decrease in the average cost to fix a defect Boeing, Australia
15% decrease in defect find and fix cost Lockheed Martin Management and Data Systems
Increased accuracy in cost estimation Raytheon North Texas Software Engineering
Schedule 50% reduction in release turn around time Boeing, Australia
Improved and stabilized Schedule Performance Index Northrop Grumman Defense Enterprise Systems
Met every milestone (25 in a row) on time, with high quality Northrop Grumman Defense Enterprise Systems
and customer satisfaction
Quality Improved defect removal before test from 50% to 70%, Siemens Information Systems Ltd, India
leaving 0.35 post release defects per KLOC
Reduced software-defect-per-million-delivered-SLOC by Lockheed Martin Systems Integration
over 50%
Only 2% of all defects found in the fielded system Northrop Grumman Defense Enterprise Systems
Source: Why Make the Switch? Evidence about the Benefits of CMMI ®, March 2004 8
Compliance
and Corporate
Governance
The SDLC is required for all IT software development projects. However, it does not
contain all the IT processes needed to fund and support software systems. Below is
a diagram describing the other IT processes that support our software development
efforts.
Portfolio Management
1 The IT Portfolio
Management processes are
used to manage business
Enterprise requests and fund IT
Architecture SDLC projects.
2 Enterprise Architecture Production Support 3 The processes in the

processes define enterprise SDLC are executed to
standards and solutions that develop solutions to funded
need to be fulfilled for projects. These projects
projects with enterprise 4 The IT Production may include enterprise
strategic focus. Support activities start architecture components.
once the post-launch The SDLC’s processes end
warranty period ends. once the project’s solution
is deployed into the
production environment
and the post-launch
warranty period end. 9
Compliance
and Corporate
Governance
Knowledge Check
Indicate which of the following statements about the SDLC is TRUE:
a. The SDLC is required for all IT software development projects, irrespective

of project size, type, or effort.
b. The SDLC is based on the CMMI for Development.
c. The SDLC does not contain all the IT processes needed to fund, build, and
support software systems because portfolio management, enterprise
architecture, and production support processes exist to support the software
development processes.
d. The SDLC has incorporated best practices from many industry-proven
models and frameworks, including ITIL, PMI, and CoBIT.
e. All of the above statements are true.
See the next slide for the answer. 10

Compliance
and Corporate
Governance
Knowledge Check
Indicate which of the following statements about the SDLC is TRUE:
a. The SDLC is required for all IT software development projects, irrespective

of project size, type, or effort.
b. The SDLC is based on the CMMI for Development.
c. The SDLC does not contain all the IT processes needed to fund, build, and
support software systems because portfolio management, enterprise
architecture, and production support processes exist to support the software
development processes.
d. The SDLC has incorporated best practices from many industry-proven
models and frameworks, including ITIL, PMI, and CoBIT.
e. All of the above statements are true.
11
Course Outline
Module 1
Module 2
Module 3 Compliance and Corporate Governance
Module 4
12
Compliance
and Corporate
Governance
Introduction – Project Phases, Activities and Deliverables – Process Areas – Tasks and Roles –
Development Methods – Resources and Tools
The SDLC’s Process Architecture shows the relationship between the

activities and other resources and tools required to deliver a Dell IT project,
thus it is the largest module in this training course.
The first part of the module covers the primary elements of the Process
Architecture:
• Project Phases, Activities, and Deliverables
• Process Areas
• Tasks and Roles
We will walk through each Project Phase, Process Area, and the Role
definitions.
In the second part of the module, we illustrate how the primary elements are
combined to create Development Methods, based on Project Types and Life
Cycle Models.
Finally, in the last part of the module, we will look at the other resources and
tools (i.e., Work Aids) that are available to help ensure consistent and efficient
execution of the SDLC. 13
Compliance
and Corporate
Governance
This diagram depicts the primary elements of the SDLC’s Process Architecture.
Process
Area
Contains
Project Activity Deliverable

Phase Consists of Produces
Supported by
Work Aid
Task Role Standards, Training,
Tools, How-To’s, etc.
• A Project Phase consists of several Activities.

• An Activity is a collection of Tasks, that require one or more Roles and the use of
Work Aids, performed to complete a project Deliverable (or accomplish a project
milestone).
• An Activity is also aligned with (usually just one) Process Area. 14
Compliance
and Corporate
Governance
Let’s first focus on the Project Phases, Activities, and Deliverables of the
SDLC.
Process
Area
Contains

Supported by
Work Aid
15
Compliance
and Corporate
Governance
A Project Phase is a collection of logically related project activities, culminating in

the completion of one of more major deliverables or milestones. The SDLC is
organized into 5 Phases: Envisioning, Planning, Developing, Stabilizing, and
Deploying.
These phases are defined by the Microsoft® Solutions

Framework (MSF) and originally adopted by Dell IT in
1999.
Over the past several years, Dell IT has matured its

development process, but the foundation continues to
be the MSF.
In the next few slides, we will look at each of the 5 Project Phases and some of
the activities and deliverables in the phases.
Note: In the SDLC, deliverables appear in the phase where the deliverable is
initiated or started. The deliverable may be completed or updated in a
subsequent phase as dictated by the project and its dependencies. 16
Compliance
and Corporate
Governance
Envisioning – Planning – Developing – Stabilizing – Deploying
Activities
During the Envisioning phase,
the high-level requirements and • Plan Project
business goals for the project • Establish Estimates and Schedules
• Identify and Manage Process Exceptions
are identified. Using this • Refine Business Requirements
information, the Business • Conduct Peer Review (Requirements)
• Comply with TAGS
Requirements are documented.
This phase ends when the Business Deliverables

Requirements are approved, defining the • Project Kick-off Presentation
scope of the project. • Project Management Plan (PMP)
• Software Configuration Management
(SCM) Plan
Other activities include: Developing a project • Project Schedule
• Process Exception Form
plan and other planning documents, • Business Requirements Document (BRD)
estimating, selecting the set of the SDLC • Peer Review Form (Requirements)
• TAGS Request Form
processes to be used by the project, and
setting up the systems and processes for on-
going project monitoring and controlling.
17
Compliance
and Corporate
Governance
During the Planning phase, the Activities

team identifies the technical • Define System Requirements
• Define Infrastructure Requirements
and infrastructure requirements • Conduct Peer Review (Requirements)
that it will implement and • Establish Estimates & Schedules
• Plan Testing
decides how to implement • Create Change Ticket
them. In addition, the project • Create Launch Orchestration Plan (LOP)
• Perform Security Risk Assessment &
schedule is finalized. Analysis
• Manage Records Retention Data
• Perform Disaster Recovery Tasks
This phase ends when the project plan
(which includes all project milestones) is Deliverables
approved. • System Requirements Specification
• Infrastructure Documentation
• Peer Review Forms (Requirements)
Other activities include: Test planning, • Project Schedule
deployment planning, estimating, and other • Change Ticket
• Test Specification
compliance and policy-related activities (i.e., • Launch Orchestration Plan (LOP)
records management, disaster recovery • Global Security Risk Assessment
• Records Retention & Legal Hold
planning, security planning). Questionnaire 18
• DARP Handbook
Compliance
and Corporate
Governance
Activities
During the Developing phase, the
• Design
appropriate teams design, develop • Conduct Peer Review (Design)
and test the code, infrastructure, • Code and Unit Test
• Conduct Peer Review (Code)
and deployment documentation. • Conduct Development Integration Test
(DIT)
• Perform Data Classification Tasks
This phase ends when all of the code • Create Test Cases
• Create Implementation and Back-out
components are complete. The testing Instructions
done in this phase is development-centric,
normally referred to as unit test and
development integration test (DIT). Deliverables
• Technical Design Specification
• Peer Review Form (Design)
Other activities include: Creating test cases • Source Code
for the independent testing cycles, • Peer Review Form (Code)
• Data Classification
preparing for deployment with • Test Cases (Unit Test & DIT)
implementation and back-out instructions, • Test Cases (SIT)
• Test Cases (UAT)
and classifying data per Dell policies. • Implementation and Back-out Instructions
19
Compliance
and Corporate
Governance
During the Stabilizing phase, the appropriate teams test,

stabilize the product, and prepare the software for release into
the production environment.
Activities
The testing done in this phase is
independent testing, what is often referred to • Conduct SIT and UAT
• Prepare for Application Support and
as System Integration Test (SIT) and User Training
Acceptance Test (UAT). • Manage Testing Defects
This phase ends when the product is Deliverables

approved for release.
• Application Support Package
• Database Maintenance and Support
Other activities include managing testing Package
defects and preparing the documentation
needed to support the system once
deployed into the production environment.
20
Compliance
and Corporate
Governance
During the Deploying phase, the release team deploys the product
into the production environment.
Activities
• Train Application Support and End Users
The application support organization and the • Deploy System to Production
end users are trained prior to deployment. • Monitor System
• Close Project
The post-deployment warranty period
(usually 30 days) goes into effect during this
Deploying phase. Deliverables
No new Deliverables are initiated during the
This phase ends when the project’s Deploying Phase.
acceptance criteria have been met, formally
closing the project.
21
Compliance
and Corporate
Governance
Finally, some activities occur in ALL PHASES, throughout the

development life cycle. They are on-going and are referred
to as the Project Monitoring and Control activities.
Activities
• Identify and Manage Risks
These activities include: • Control Change
• Identifying and managing risks • Manage Project Performance Data
• Report Project Status
and issues • Conduct Phase Exit Reviews
• Managing change to the project
(i.e., scope change) Deliverables
• Monitoring the project’s • Risks
performance data • Change Request Form and Log
• Project Status Report
• Attending project status meetings • Phase Exit Review Presentation
• Reporting project status
• Conducting phase exit reviews
22
Compliance
and Corporate
Governance
The conclusion of a Project Phase is marked by a

review of both key deliverables and project
performance in order to determine if the project
should:
• Continue into its next phase as defined,
• Continue into its next phase with modifications, or
• Be terminated
Formal sign-off is obtained at each phase exit to certify that:

• Required phase deliverables have been reviewed, completed and approved.
• Any relevant issues are closed or are not significant enough to hold up the
phase exit.
• The project is appropriately resourced for the next phase.
• Remaining project schedule is realistic and achievable.
The Phase Exit Review and other interim reviews, like peer reviews and code
reviews, are also used to detect and correct errors in a cost effective manner.
23
Compliance
and Corporate
Governance
Knowledge Check
Match the project phases with the primary deliverables that are produced by
that phase.
Project Phases Deliverables

1. Envisioning a. System deployed to production
2. Planning b. Business (or High Level) Requirements
3. Developing c. Design
4. Stabilizing d. Functional Requirements
5. Deploying e. Code
f. System Integration Test
g. Project Management Plan
See the next slide for the answer. 24

Compliance
and Corporate
Governance
Knowledge Check
Match the project phases with the primary deliverables that are produced by
that phase.
Project Phases Deliverables

1. Envisioning a. System deployed to production
2. Planning b. Business (or High Level) Requirements
3. Developing c. Design
4. Stabilizing d. Functional Requirements
5. Deploying e. Code
f. System Integration Test
g. Project Management Plan
25
Compliance
and Corporate
Governance
Next, we will look at Process Areas and describe how they are aligned with
Activities.
Process
Area
Contains

Supported by
Work Aid
26
Compliance
and Corporate
Governance
Process Areas are logical groupings of related activities that have particular
relevance to one or more project roles. The SDLC is organized into 7 Process
Areas:
Project Requirements
Architecture Design Development Testing Deployment
Management Management
The Process Area pages in the SDLC contain:

– Links to SDLC Activities and Roles that are pertinent to the process area
– A Library that provides access to internal and external material
– The Meet the Community list of people who have volunteered to be
identified as SMEs in the process area and are willing to help improve the
process content and mentor other in the process area.
In the next few slides, we will look at each of the 7 Process Areas of the SDLC.
27
Compliance
and Corporate
Governance
Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment
Project Management is responsible for

ensuring that the project successfully delivers
the agreed upon scope of work as outlined by
the project’s goals and objectives.
The Project Management discipline plans,

organizes, and manages resources within
project time, schedule, and budget constraints,
while monitoring the dependencies of other
projects and initiatives.
28
Compliance
and Corporate
Governance
Requirements Management is tasked to:

• Produce and analyze customer, product,
and product component requirements,
• Manage the requirements of the project's
products and product components, and
• Identify inconsistencies between those
requirements and the project's plans and
work products.
29
Compliance
and Corporate
Governance
Architecture serves as the blueprint for the IT

solution and defines technical constraints and
parameters that must be considered by design
and implementation teams. The architecture
specifies system qualities, such as performance,
stability, and security, none of which can be
achieved without a unifying architectural vision.
Unlike low-level design, architecture is concerned with global design

constraints. As systems become larger and more complex, so do the
design problems. Thus, Dell IT’s Enterprise Architecture Framework (EAF)
provides a standard framework from which complex IT solutions can be
architected. The EAF offers a methodology to help ensure that complex
solutions are architected in a manner consistent with the goals of the
enterprise.
30
Compliance
and Corporate
Governance
The Design process area addresses the

conceptual, logical, and physical components
using design concepts, constraints, modeling
languages, and design patterns to aid in the
development of the solution.
The SDLC offers guidance on design

techniques that could be used on your project.
31
Compliance
and Corporate
Governance
Development is where software developers

construct the solution by implementing the design
to meet the project's functional and non-functional
requirements.
This area includes coding, code review, unit test,

and development integration test, commonly
referred to as DIT.
32
Compliance
and Corporate
Governance
The purpose of the Testing process area is to

demonstrate that a product or product
component satisfies requirements and fulfills its
intended use when deployed to the target
environment(s).
Testing, in the Dell IT environment, may include:

• System Integration Test (SIT)
• User Acceptance Test (UAT)
• Regression Test
• Performance Test
33
Compliance
and Corporate
Governance
The Deployment process area

focuses on the act of identifying, assembling, and
deploying one or more approved changes to IT
services.
Hardware, software, documentation, processes

and other required components are put together
to create a Release Package.
The contents of each Release Package are

managed, tested, and deployed into production
environment as a single entity.
34
Compliance
and Corporate
Governance
As stated before, Activities are mapped to Process Areas. Below is a

view of some Activities and their Process Area alignment.
Project Requirements
Management Management Architecture Design Development Testing Deployment
• Plan Project • Refine • Develop • Design • Code and Unit • Plan Testing • Create Launch
Business Architecture Test Orchestrate
• Establish • Create Test
Requirements and High Level Plan (LOP)
Estimates and • Conduct DIT Cases
Design
Schedules • Define System • Create Change
• Perform • Conduct SIT
Requirements Ticket
• Identify and Disaster and UAT
Manage • Define Recovery • Create
• Manage
Process Infrastructure Tasks Implementation
Testing Defects
Exceptions Requirements and Back-out
• Perform
Instructions
• Identify and Security Risk
Manage Risks Assessment • Prepare for
and Analysis Application
• Conduct Phase
Support and
Exit Reviews
User Training
• Deploy System
to Production
Notes: The above is not a complete list of SDLC activities and their alignment to process areas. Consult the SDLC for comprehensive
information. 35
Compliance
and Corporate
Governance
We have discussed Project Phases, Activities, Deliverables, and

Process Areas. Next, we will talk about Tasks and Roles.
Process
Area
Contains

Supported by
Work Aid
36
Compliance
and Corporate
Governance
A Task is an instruction for the specific step that is performed as part of

executing an Activity. A Task is performed by one or many Roles.
In the SDLC, tasks are embedded in the Activity definitions and include swim
lane diagrams with detailed explanation of what each Role must do to
accomplish the task. Below is an snapshot of some Roles and Tasks from the
“Code and Unit Test” activity:
Develop Unit Code Conduct Unit Cleanup

Test Components Test Code
Developer
Conduct
Code Peer
Review
Plan Unit
Test and DIT
Development
Lead
37
Compliance
and Corporate
Governance
A Role is an individual or group participating in the project. Roles have

responsibilities to complete tasks or deliverables as described by the RACI
notation: Responsible, Accountable, Consulted, and Informed.
The SDLC recognizes 9 primary project roles. In the next several slides, each
of these Roles is described.
Business
Support Lead Business Analyst
Database Project Project Manager

Administrator Team
Development
Solution Architect
Lead
Tester Developer
38
Compliance
and Corporate
Governance
Business – Business Analyst – Project Manager – Development Lead – Developer – Tester – Solution Architect –
Database Administrator – Support Lead
The Business refers to the customer roles that enable the project
and for whom the project will produce the agreed-upon benefit(s),
which justify its production. Additionally, the Business:
• Is ultimately responsible for securing funding and resources for

the project.
• Acts as a vocal and visible champion.
• Legitimizes the project’s goals and objectives.
• Keeps abreast of major project activities.
• Is the ultimate decision-maker for the project, having final
approval of all scope changes, and signs off on approvals to
proceed to each succeeding project phase.
39
Compliance
and Corporate
Governance
The Business Analyst has primary responsibility for requirements

management for the project. Specifically, the Business Analyst:
• Leads requirements analysis and verification, ensuring that

requirement statements are correct, unambiguous, complete,
consistent, prioritized, testable, understandable, and that they
conform to standards.
• Helps negotiate priorities and resolve conflicts among project
stakeholders.
• Manages requirements traceability information and track
requirements status throughout the project.
• Acts as the key interface between business and technology
teams in defining and influencing business requirements and
assists in developing the appropriate system solutions.
40
Compliance
and Corporate
Governance
The Project Manager drives the overall process and is

responsible for delivering the right product at the right time.
He/she owns the project schedule, reports project status,
manages resource allocation, enabling the rest of the team to
meet their goals. Additionally, the Project Manager:
• Manages the product scope and specification: This involves

facilitating team communication and negotiation and driving
overall critical tradeoff decisions.
• Manages team "health" and roles: Keeping the team
spirited and engaged and maintaining role clarity is critical
to success throughout the project.
• Manages project risks and issues, by maintaining a risk
management plan, assigning mitigating actions to
individuals, and reporting regularly on the impact of
outstanding issues and risks.
41
Compliance
and Corporate
Governance
The Development Lead, along with the Developer, is responsible

for building the product the customer wants. The Development
Lead, however, serves as the development team's central point of
contact to the Project Manager, leading and communicating on
behalf of other developers. Additionally, the Development Lead:
• Serves the team as a technology consultant: Early in the

development process, the Development Lead provide input into
high-level designs, evaluate technologies, and help to validate
potential solutions and mitigate risks as technology consultants.
• Estimates time and effort to complete the product: The result of
this estimate will determine the team's overall product schedule.
• Carries responsibility for design, design reviews, code reviews,
and unit testing coverage, ensuring that all Developers have a
complete understanding of product specifications and customer
expectations.
• Supports product installation and deployment: The Development
Lead may be required to write project-specific scripts and develop
code that will aid the team in installing and deploying the product. 42
Compliance
and Corporate
Governance
The Developer, along with the Development Lead, is

responsible for building the product the customer wants. In
many cases, there are many developers on a project team.
The Developers:
• Help specify requirements and architecture: During the early

stages of a project, developers may be expected to help
specify product requirements not included in the customer
requirements and to work on analysis and architecture
activities as part of a multi-disciplinary team.
• Estimate time and effort to complete the product, the result
of which will determine the team's overall product schedule.
• Develop, configure, and customize the product, writing all
the core code for the project and create the design for the
project.
• Support product installation and deployment, writing project-
specific scripts and code that will aid the team in installing
and deploying the product.
43
Compliance
and Corporate
Governance
The Tester (or Test Analyst) is able to accurately portray the

status of the product at any time by clearly stating what is
currently wrong and what is currently right with the product or
product deployment. Specifically, the Tester:
• Develops test specification, plans, and scripts: The testing

role should have a good understanding of user needs and of
how the product will meet those needs.
• Conducts tests: The testing role conducts tests to accurately
determine the status of product development or deployment.
44
Compliance
and Corporate
Governance
For projects with enterprise strategic focus, the Solution

Architect is the person responsible to analyze the customer and
product needs and specify an acceptable solution that
addresses enterprise architecture goals.
The Solution Architect supports the Development Lead and

Developers in developing the product, participating in design and
code Reviews as needed.
45
Compliance
and Corporate
Governance
The Database Administrator (DBA) manages technical

assessment and design activities as they relate to enterprise
databases and contributions to project development efforts
include providing guidance toward project architecture, design
and modeling principles, standards, and configuration as a
project core team member. Specifically, the DBA:
• Corroborates in the development or modification of the

enterprise logical data model by reviewing for architectural
soundness, data integrity assurance, high availability and
optimal performance considerations, scalability and
maintainability.
• Actively participates in code, architecture, and mapping
reviews with application team and with DBA counterparts in
other regions.
• Participates in unit tests to provide validation and avoid
potential impact to the production database environment.
• Ensures the database meets all SOX and Dell Compliance
security requirements. 46
Compliance
and Corporate
Governance
The Support Lead represents the organization that will support

the product once it has been migrated to the production
environment.
The Support Lead is responsible for understanding the needs of

operations and support personnel and representing those needs
to the team to ensure that the product is deployable,
manageable, and supportable.
The Support Lead also helps ensure that the support

organization is ready to accept the product.
47
Compliance
and Corporate
Governance
There may be other roles required to help make a project successful, but the
primary IT functions are represented by these 9 roles. Other functional roles
may be added to the project team based on the needs of the project.
Business
Support Lead Business Analyst
Database Project Project Manager

Administrator Team
Development
Solution Architect
Lead
Tester Developer
48
Compliance
and Corporate
Governance
The SDLC defines a RACI responsibility matrix to describe the participation by

various roles in completing deliverables. RACI is an acronym derived from the
four key responsibilities most typically used:
Responsible: The person or people responsible for writing, revising, and

delivering the work product, and which is reflected as an assigned task.
R
Accountable: The person who is ultimately answerable for the correct and
thorough completion of the deliverable and the one to whom R is
accountable. There can only be one Accountable role for a deliverable.
A
Consulted: The key resources who are consulted and whose opinions are
sought to help complete a work product. These people are considered Subject
Matter Experts in the area of the deliverable or task and its content.
C
Informed: Though all project team members should be informed on the
status of work products, the people with the Informed designation must be
kept up-to-date because of a vested interest or dependency.
I
49
Compliance
and Corporate
Governance
Knowledge Check
Indicate what roles would most likely be “Accountable” for a deliverable. The
Accountable role is ultimately answerable for the correct and thorough completion
of the deliverable, and there can only be one person Accountable for each
deliverable.
Role Deliverables
1. Business a. Business (or High Level) Requirements
2. Business Analyst b. Database Maintenance & Support
3. Project Manager Package
4. Development Lead c. Design
5. Developer d. Architectural Constraints
6. Tester e. Source Code
7. Solution Architect f. System Integration Test Cases
8. Database Administrator g. Project Schedule and Milestones
9. Support Lead h. Project Funding
i. Application Support Documentation
See the next slide for the answers. 50

Compliance
and Corporate
Governance
Knowledge Check - Answers
Indicate what roles would most likely be “Accountable” for a deliverable. The
Accountable role is ultimately answerable for the correct and thorough completion
of the deliverable, and there can only be one person Accountable for each
deliverable.
Role Deliverables
1. Business a. Business (or High Level) Requirements
2. Business Analyst b. Database Maintenance & Support
3. Project Manager Package
4. Development Lead c. Design
5. Developer d. Architectural Constraints
6. Tester e. Source Code
7. Solution Architect f. System Integration Test Cases
8. Database Administrator g. Project Schedule and Milestones
9. Support Lead h. Project Funding
i. Application Support Documentation
51
Compliance
and Corporate
Governance
We’ve covered most all of the primary Process

Area
process elements of the SDLC.

Phase
These elements are combined to create

Development Methods. Task Role Work Aid
A Development Method describes the Development

full set of activities and process elements Method
that a project can use, considering the
Project Type and the Life Cycle Model Project Life Cycle
being used by the project. Type Model
52
Compliance
and Corporate
Governance
Development Methods
Project
Phase
Project
Process
Area Project Types
Phase
Project
Phase
Phase
Task Role Work Aid
Each Development Method contains

elements from all the 7 Process Areas,
and the activities and deliverables are
mapped to the 5 Project Phases.
Life Cycle Models

53
Compliance
and Corporate
Governance
Development Methods
Project
Phase
Project
Process
Area Project Types
Phase
Project
Phase
Phase
A Project Type takes
into consideration the
Task Role Work Aid different characteristics
or traits of the software
development project.
The SDLC recognizes 4 Project Types:
• Custom Software Development: The in-house design and development of software

solutions.
• Oracle Development: The development and enhancement of Oracle applications.
• Data Warehouse Development: Solutions for data warehousing and business intelligence
projects that support decision making through the collection, storage, delivery, presentation,
and analysis of data.
• COTS/Package Integration: The integration of Commercial-Off-The-Shelf (COTS) solutions,
54
with or without custom developed code.
Compliance
and Corporate
Governance
Development Methods A Life Cycle Model describes the relative

Project
Phase Process sequence in which activities are
Area
Project
Phase
performed.
Project
Phase
Project
Phase
Activity Deliverable The SDLC supports 3 Life Cycle Models:
• Traditional: Sometimes referred to as

Task Role Work Aid “Waterfall”, progress is seen as flowing
steadily downwards through the project
phases. However, project phases can
slightly overlap.
• Agile: Based on iterative development,
where requirements and solutions are
allowed to evolve throughout the
project.
• Maintenance: A slimmed down version
of the Traditional life cycle model for
projects that are short in duration
consisting of minor enhancements and
bug fixes to existing software products.
Life Cycle Models

55
Compliance
and Corporate
Governance
Development
The Development Methods are defined when we Method
put the Project Types and Life Cycle Models in a
matrix. Currently, 5 Development Methods are Project Life Cycle
Type Model
defined, with others being created or planned (see
table below).
At the beginning of a project, the team must select the Development Method that
will be used, thus dictating the activities and deliverables that are required.
Life Cycle Models
Project Types
Traditional Agile Maintenance
Custom Software
Development
Oracle
Development
Data Warehouse
To Be Determined
Development
COTS/Package
Planned
Integration
56
Compliance
and Corporate
Governance
An interactive Development Method Selector Guide

is available on the home page of the SDLC site to help
teams determine which Development Method should
be used based upon attributes of the system that is to
be developed or enhanced.
57
Compliance
and Corporate
Governance
Lastly, in this module, we will talk about the other Resources and
Tools that are available in the SDLC. We refer to them as Work Aids.
Process
Area
Contains

Supported by
Work Aid
58
Compliance
and Corporate
Governance
The SDLC is filled with Work Aids that are available to help perform the
activities in the framework. These Work Aids are categorized as
follows:
Dell Policies and Standards Procedures
References to the core set of Dell policies and These documents describe step-by-step actions
standards that affect software development projects. needed to accomplish a task. They are often too
detailed to be included in the Activity and Task
descriptions, thus they are documented separately.
Checklists
Includes things like:
• Code Review Checklists, to be used during Training
peer/code review for the coding languages used in IT References training material that is available.
• Phase Entry and Exit Criteria Checklists, to help the
team determine readiness for moving into or out of a
project phase. Guidelines
• SDLC Self-Assessment Checklist, to help teams self- The broad category of Work Aid and How-To
check compliance to the standard processes documents that include things like:
• Characteristics of Excellent Requirements
Coding and Testing Standards • Defining As-Is and To-Be Business Processes
• Creating the Project Status Report
Different from Dell Standards, these documents are
available to help bring consistency in coding and • List of Common Risks
testing practices. • Production Trouble Ticket Severity Definitions
• Design Techniques
59
Compliance
and Corporate
Governance
The processes in the SDLC are also aligned with the standard set of IT
project management and development tools. This integration helps the
organization to become more efficient and effective.
Project and Portfolio Management Asset Management Change and Release Management
Project Management Requirements Management Defect Management

Source and Configuration Management Test Management
Build Management
60
Compliance
and Corporate
Governance
Knowledge Check
Match the terms with their definitions.
Term Definition
Process Area Describes the full set of activities and process elements that a project can use, considering
the Project Type and the Life Cycle Model being used by the project.
Project Phase A collection of logically related project activities, culminating in the completion of one of more
major deliverables or milestones.
Development Method An individual or group participating in the project.
Role Logical groupings of related activities that have particular relevance to one or more project
roles.
Project Type Resources and tools that are available to help perform the activities in the SDLC.
Activity Describes the different characteristics or traits of the software development project.
Task An instruction for the specific step that must be performed as part of executing an Activity.
Life Cycle Model A collection of tasks, that require one or more Roles and the use of Work Aids, performed to
complete a project Deliverable (or accomplish a project milestone).
Work Aid Describes the relative sequence in which activities are performed.

Compliance
and Corporate
Governance
Knowledge Check - Answers
Match the terms with their definitions.
Term Definition
Process Area Describes the full set of activities and process elements that a project can use, considering
the Project Type and the Life Cycle Model being used by the project.
Project Phase A collection of logically related project activities, culminating in the completion of one of more
major deliverables or milestones.
Development Method An individual or group participating in the project.
Role Logical groupings of related activities that have particular relevance to one or more project
roles.
Project Type Resources and tools that are available to help perform the activities in the SDLC.
Activity Describes the different characteristics or traits of the software development project.
Task An instruction for the specific step that must be performed as part of executing an Activity.
Life Cycle Model A collection of tasks, that require one or more Roles and the use of Work Aids, performed to
complete a project Deliverable (or accomplish a project milestone).
Work Aid Describes the relative sequence in which activities are performed.
62
Course Outline
Module 1
Module 2
Module 2 The Process Architecture
Module 3
Module 4
63
Compliance
and Corporate
Governance
In Module 1, The Story of the SDLC, we made this

statement about the SDLC:
“It defines the standard set of development processes enabling compliance
with company policies and other business and legal requirements.”
In this module, we will explore the

Compliance and Corporate Governance Internal
aspects of the SDLC, revealing how the Application SDLC
Development Standard
SDLC enables project teams to comply Policy
with:
• The Internal Application Development Dell Business
Legal
Policy Requirements
Processes and
Standards
• The SDLC Standard
• Legal Requirements
• Dell Business Processes and Standards.
64
Compliance
and Corporate
Governance
Internal Application Development Policy – SDLC Standard – Legal Requirements – Dell Business Processes and Standards
• The Internal Application Purpose Statement

Development Policy applies to “Ensuring that software development
software development activities activities are seamlessly planned and
conducted in support of internal Dell efficiently executed, regardless of
organizational structures or geographies, is
business functions. vital to drive and support Dell’s growth
plans. This policy defines the means by
• It is owned by the CIO and is regularly which internal application development can
reviewed and updated. See the attain consistency of approach and the
Safe@Dell website to review the ability to continuously improve processes
and performance.”
policy in its entirety.
Seamlessly Planned Globally Consistent Supports Dell’s

Efficiently Executed Growth Plans
65
Compliance
and Corporate
Governance
• The SDLC Standard exists to enable compliance with the Internal Application
Development Policy.
• It requires that the SDLC framework be used on software development and
maintenance projects to ensure that the minimum software engineering and project
management practices are executed.
• It organizes the minimum practices by process area and indicates which practices
are required, recommended, or not applicable based on software release type.
• See the Safe@Dell website to review this standard in its entirety.
Software Release Type
# Practice Major Minor / Service Hot Fix
Pack
Requirements Management
1 Business requirements are documented, reviewed, and approved. Required Recommended N/A
2 Technical requirements are documented, reviewed, and approved. Required Required N/A
3 Infrastructure requirements are documented, reviewed, and approved. Required N/A N/A
4 Security requirements are documented, reviewed, and approved, per Dell’s Secure Application Required Required N/A
Development Standard.
5 Requirements traceability matrices are documented and used to ensure all needs are being Recommended Recommended N/A
addressed.
6 Change control procedures are documented and used to manage and communicate changes to Required Required Required
approved requirements.
Development
7 Technical designs are documented. Required Required N/A
8 Design reviews are conducted for new or significantly modified functions. Required Recommended N/A
66
Compliance
and Corporate
Governance
As a major corporation, Dell must comply with relevant

laws, regulations and policies, including:
• Sarbanes-Oxley Act of 2002 (SOX)
Describes specific mandates and requirements for financial
reporting
• Payment Card Industry (PCI) Data Security
Standards (DSS)
Multifaceted security standard that includes requirements for
security management, policies, procedures, network
architecture, software design and other critical protective
measures, intended to help organizations proactively protect
customer account data
• SOP 98-1
Requires entities to capitalize certain internal-use software
costs once certain criteria are met.
67
Compliance
and Corporate
Governance
Finally, Dell has internal processes and standards that enable us to protect,
store, and recover the data entrusted to us, while using the technologies that
support the long-term strategy of the company.
Secure Application Disaster Recovery Policy Data Classification

Development Standard Outlines requirements of Dell IT to Standard
Establishes requirements that are establish standards, processes and Protects the confidentiality of Dell
intended to ensure stability, reliability controls for the timely recoverability of electronic information worldwide,
and security of Dell’s critical business critical data and information including actual, potential and former
computing resources processing systems. Dell customer, employee, and
business partner information
Click here to access. Click here to access. Click here to access.
Global Records IT Control Self- Technology & Architectural

Management Policy Assessment (CSA) Global Standards (TAGS)
Sets forth principles which address Examines internal control Enables appropriate infrastructure,
the management of Dell’s records. It effectiveness with the objective of application development, and security
applies to company records produced providing reasonable assurance that capabilities are implemented
and maintained in all media formats all business objectives are met
Click here to access. Click here to access. Click here to access. 68

Compliance
and Corporate
Governance
• We take policies and standards very

seriously.
• Violation of policy can cost Dell money
and possibly cost you your job.
• The SDLC is available to help project
teams comply, in the most efficient
manner possible.
Internal Application
Development Policy
SDLC Standard
Legal Requirements
Dell Business Processes

and Standards
69
Course Outline
Module 1 The Story of the SDLC
Module 2
Module 2
Module 3
Module 4
70
Compliance
and Corporate
Governance
In Module 1, we stated that the SDLC is

a Continuous Improvement initiative
that is refined based on feedback
received from project teams,
management, and business partners.
The ability to revise SDLC assets over

time ensures that the framework evolves
in a controlled manner to best address
the needs of the changing business and
IT environments, while improving the
effectiveness of our process and the
quality of our deliverables.
71
Compliance
and Corporate
Governance
An SDLC Governance Model exists to guide the

Continuous Improvement initiative. Some key
features of the model include:
• Anyone can submit a Process Change Request (PCR).

• The PCR submitter provides a detailed description and
proposed solutions for the proposed change.
• The SDLC Process Review Board (PRB), with
representatives from the IT segments and functional
groups, reviews and approves changes before they are
made in the SDLC.
Below are additional resources:

• The SDLC Change Control Process: How to Submit a Request to
Change the Dell IT Standard Development Process
• The SDLC Process Governance Site
72
Compliance
and Corporate
Governance
This concludes the Introduction to the SDLC Training Course
The Key Concepts that were covered are as follows:
• The SDLC is the process framework that is required for all software-impacting
projects in Dell IT.
• The SDLC is based on the CMMI for Development and the 5-phase Microsoft®
Solutions Framework (MSF). It also includes concepts from other industry
recognized best practice models (ITIL, PMI, etc.).
• The SDLC helps fulfill corporate policies and standards.
• The SDLC’s process architecture is comprise of project phases, activities, tasks,
roles, process areas, and development methods.
• Work aids (i.e., resources and tools) are available to enable efficient execution
of the SDLC.
• Users can submit requests to improve the SDLC, keeping it evergreen as the
organization changes and as industry best practices are revealed.
73
Compliance
and Corporate
Governance
Final Assessment
• The next few slide contain 10 questions to
help test your knowledge of the key
concepts from this course.
• Good Luck!
74
Final Assessment
1. The SDLC is required only for large software development projects in IT.
 True
 False
2. The SDLC is based primarily on the CMMI for Development and the 5-phase
®
Microsoft Solutions Framework.
 True
 False
3. The SDLC does not contain all the IT processes needed to fund and support
software systems. Other processes exist to address portfolio management,
enterprise architecture, and production support needs, all of which complement the
SDLC.
 True
 False

Final Assessment
1. The SDLC is required only for large software development projects in IT.
 True The software development processes represented in the SDLC are required for
all software-impacting projects in Dell IT, irrespective of project size, type, or
False
effort.
2. The SDLC is based primarily on the CMMI for Development and the 5-phase
®
Microsoft Solutions Framework.
True The SDLC is based primarily on the CMMI and MSF. The SDLC also
incorporates best practices from other industry-proven models and frameworks,
 False
including ITIL, PMI, and CoBIT.
3. The SDLC does not contain all the IT processes needed to fund and support
software systems. Other processes exist to address portfolio management,
enterprise architecture, and production support needs, all of which complement the
SDLC.
The focus of the SDLC is the software engineering processes used to develop
True
software products. However, other processes exist to complement this product
 False development.
76
Final Assessment
4. The SDLC is organized into the following 5 phases: Envisioning, Planning, Design,
Developing, and Stabilizing.
 True
 False
5. In the SDLC, the primary deliverables of the Planning Phase are the project
management plan, functional requirements, and the design.
 True
 False
6. There are 9 primary roles represented in the SDLC, and project teams are not
allowed to add or modify project roles.
 True
 False

Final Assessment
4. The SDLC is organized into the following 5 phases: Envisioning, Planning, Design,
Developing, and Stabilizing.
 True Design IS NOT a phase in the SDLC. The 5 phases are Envisioning, Planning,
False Developing, Stabilizing, and Deploying.
5. In the SDLC, the primary deliverables of the Planning Phase are the project
management plan, functional requirements, and the design.
 True In the SDLC, the Design is not a deliverable of the Planning Phase. The
False Design is a deliverable of the Developing Phase.
6. There are 9 primary roles represented in the SDLC, and project teams are not
allowed to add or modify project roles.
 True The primary IT functions are represented by 9 roles. However, there may be
False other roles required to help make a project successful. Other functions may be
added to the project team based on the needs of the project.
78
Final Assessment
7. At the start of an IT project, the team must determine which SDLC development
method will be used, based on the project types and the life cycle models defined in
the SDLC.
 True
 False
8. At the highest level, the SDLC’s process architecture is comprised of project

phases, activities, tasks, roles, process areas, and development methods.
 True
 False
9. The SDLC contains elements and references to the legal and business
requirements for which project teams must comply.
 True
 False

Final Assessment
7. At the start of an IT project, the team must determine which SDLC development
method will be used, based on the project types and the life cycle models defined in
the SDLC.
True The project’s set of standard projects is defined once the project chooses a
development method. This activity must occur at the start of the project.
 False
8. At the highest level, the SDLC’s process architecture is comprised of project

phases, activities, tasks, roles, process areas, and development methods.
True The SDLC architecture is comprised of project phases, activities, tasks, roles,
 False process areas, and development methods. Additionally, work aids (i.e.,
resources and tools) are available to enable efficient execution of the SDLC.
9. The SDLC contains elements and references to the legal and business
requirements for which project teams must comply.
True The SDLC helps project teams comply with regulatory and legal requirements
 False (i.e., SOX, PCI, and SOP 98-1), as well as internal Dell policies and standards.
80
Final Assessment
10. The SDLC is perfect; no additional refinement is necessary.
 True
 False

Final Assessment
10. The SDLC is perfect; no additional refinement is necessary.
 True The SDLC is a continuous improvement initiative. It will evolve as the
False organization matures and as industry best practices are revealed. Anyone can
submit a request to enhance the SDLC, and a governance model is used to
evaluate and manage changes to the SDLC.
82
Compliance
and Corporate
Governance
Additional questions can be directed to the

SDLC Team at
SDLC@dell.com
83

Introduction To The SDLC

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Introduction To The SDLC

Uploaded by

Copyright:

Available Formats

Welcome to the

Upon completing of this course, the student will be able to:

Introduction – Characteristics – Foundation – Value – Boundaries

• SDLC is a generic, industry term which is used to refer to a collection of

Software Development Life Cycle

Introduction – Characteristics – Foundation – Value – Boundaries

Introduction – Characteristics – Foundation – Value – Boundaries

• The SDLC has evolved from previous internal process improvement

Introduction – Characteristics – Foundation – Value – Boundaries

Introduction – Characteristics – Foundation – Value – Boundaries

Below are some benefits that other companies experienced as a result of

Category Benefits Company

Introduction – Characteristics – Foundation – Value – Boundaries

2 Enterprise Architecture Production Support 3 The processes in the

Indicate which of the following statements about the SDLC is TRUE:

a. The SDLC is required for all IT software development projects, irrespective

See the next slide for the answer. 10

Indicate which of the following statements about the SDLC is TRUE:

a. The SDLC is required for all IT software development projects, irrespective

Module 3 Compliance and Corporate Governance

The SDLC’s Process Architecture shows the relationship between the

Project Activity Deliverable

• A Project Phase consists of several Activities.

Project Activity Deliverable

A Project Phase is a collection of logically related project activities, culminating in

These phases are defined by the Microsoft® Solutions

Over the past several years, Dell IT has matured its

Envisioning – Planning – Developing – Stabilizing – Deploying

This phase ends when the Business Deliverables

Envisioning – Planning – Developing – Stabilizing – Deploying

During the Planning phase, the Activities

Envisioning – Planning – Developing – Stabilizing – Deploying

Envisioning – Planning – Developing – Stabilizing – Deploying

During the Stabilizing phase, the appropriate teams test,

This phase ends when the product is Deliverables

Envisioning – Planning – Developing – Stabilizing – Deploying

Envisioning – Planning – Developing – Stabilizing – Deploying

Finally, some activities occur in ALL PHASES, throughout the

The conclusion of a Project Phase is marked by a

Formal sign-off is obtained at each phase exit to certify that:

Project Phases Deliverables

See the next slide for the answer. 24

Project Phases Deliverables

Project Activity Deliverable

The Process Area pages in the SDLC contain:

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment

Project Management is responsible for

The Project Management discipline plans,

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment

Requirements Management is tasked to:

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment

Architecture serves as the blueprint for the IT

Unlike low-level design, architecture is concerned with global design

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment

The Design process area addresses the

The SDLC offers guidance on design

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment

Development is where software developers

This area includes coding, code review, unit test,

Project Management – Requirements Management – Architecture – Design – Development – Testing – Deployment

The purpose of the Testing process area is to

Testing, in the Dell IT environment, may include: