Task ID: T0181

Task Description: Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.

Work Roles with this Task:

• Work Role ID: SP-DEV-001
  Work Roles: Software Developer
  Work Role Description: Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.
  Category: Securely Provision
  Specialty Area(s): Software Development
• Work Role ID: SP-DEV-002
  Work Roles: Secure Software Assessor
  Work Role Description: Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
  Category: Securely Provision
  Specialty Area(s): Software Development
• Work Role ID: SP-RSK-002
  Work Roles: Security Control Assessor
  Work Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
  Category: Securely Provision
  Specialty Area(s): Risk Management
• Work Role ID: SP-SYS-001
  Work Roles: Information Systems Security Developer
  Work Role Description: Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
  Category: Securely Provision
  Specialty Area(s): Systems Development
• Work Role ID: SP-SYS-002
  Work Roles: Systems Developer
  Work Role Description: Designs, develops, tests, and evaluates information systems throughout the systems development life cycle.
  Category: Securely Provision
  Specialty Area(s): Systems Development