Task ID: T0181
Task Description: Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
Work Roles with this Task:
- Work Role ID: SP-DEV-001Work Role Name: Software DeveloperWork Role Description: Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.Specialty Area(s): Software Development
- Work Role ID: SP-DEV-002Work Role Name: Secure Software AssessorWork Role Description: Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.Specialty Area(s): Software Development
- Work Role ID: SP-RSK-002Work Role Name: Security Control AssessorWork Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).Specialty Area(s): Risk Management
- Work Role ID: SP-SYS-001Work Role Name: Information Systems Security DeveloperWork Role Description: Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.Specialty Area(s): Systems Development
- Work Role ID: SP-SYS-002Work Role Name: Systems DeveloperWork Role Description: Designs, develops, tests, and evaluates information systems throughout the systems development life cycle.Specialty Area(s): Systems Development