6. In simple terms, what is the purpose of the stakeholder in the SQUARE method.

Question

6. In simple terms, what is the purpose of the stakeholder in the SQUARE method. Why is the stakeholder role critical to the security of the final product?

7. SQUARE essentially involves two stages. Stage 1-4 entails one type of activity and stage 5-9 entails another. What is the purpose of these two types of activities? What would happen if either were not done?

8. Steps seven and eight In the SQUARE method involves the categorization and prioritization of activities. Why is this important for security? What would happen if activities were not categorized and prioritized?

9. Step One of SQUARE involves obtaining agreement on definitions. Why is this a critical part of the security process? What would happen if this step was skipped?

10. SQUARE for acquisition is a special application of the SQUARE process. Tell me why it is particularly critical to get a good set of security and functional requirements even if the product is purchased off the shelf rather than developed?

Explanation / Answer

6) Purpose of stake holder:

1.Stakeholder identifies the single business goal or a projecgt.

2.And create the security goals that are support of the business goal.

3.Importance gives for the security goals

4.And put certain goals to business and security for requirment engineering team for

review.
7)

square has essentially 9 steps.

In first four steps it will agree the tasks,

identify the assests and security goals.

support the security of development.

And take care about the risk assessment.

In next 5 steps it will take care about selection ,it take care about security requirements.

It will categorize and priortize the requirement and inspect the results.

If they were not done properly the result will not occur.one step links with another

step.so 9 steps are useful to assesment an d getting require goals.

8.
The security goal establishment scopes for the rest of square process.

without any risks. If any problem occur the security will take care for it.

prioritization is importance

generally requirements are prioritized

1.To avoid harm

2.To reduce risk

3.cost reduction

4.Time to market

5.Stability requirements

For these prioritization is required

The process of priorization is help to manage the risks and probability to analyze.
so it is useful if it is not there then there is atime waste for project team to analyze and develop risk

contigences.
If there is no categorization ,the nature of the problem is not traced in future.
and does not provide important management information.

9.

It gives clear and effective communication through out the process.

if not there it is not clearly understood and there is no mutual understanding between

stakeholders and requirement engineers.

Related Questions

Navigate

• Browse (All)
• Browse 6
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.