Software Management
Software Management
The Software Management subgroup of the SSWG is developing guidelines for software management practice at UC Davis. This includes software repositories, documentation, application security, change control, testing, deployment, etc.
Subgroup Membership
- Curtis Bray
- Adam Getchell
- David Walker
Applicable Policy
- IS-10 Systems Development and Maintenance Standards
- The following sections have applicability:
- 2.11 Programming and Unit Testing
- 2.14 Documentation Standards, particularly the Systems Manual
- Chapter 4: Change Management and Maintenance Standards
- The current version of IS-10 is nearly 10 years old. The information in it, particularly examples, is dated. Nevertheless, it still provides good information.
- The following sections have applicability:
- IS-3 Electronic Information Security
- Section III.B describes security objectives and the need for risk assessment to determine the importance of these objectives.
- Section III.C.2.c.iv-v describe requirements for patch management and software development, depending on the risk assessment.
- Section III.C.2.e describes requirements for change management, again depending on assessed risk.
- The code itself is a University asset with associated risks. Therefore, all sections of IS-3 may apply.
- UC Davis Security Standards
- Section I.16 "Web Application Security" states "Web applications developed or acquired by campus units must support secure coding practices. Web applications must mitigate the vulnerabilities described within the OWASP Top Ten Critical Web Application Security Vulnerabilities."
Examples
- Software Management at the CDL (2001-11-16)
- IET - AD - Sampling of processes/documentation
- Middleware SDLC - IET Middleware Team - Confluence.pdf - General SDLC progress used on medium/large progress
- Jira Usage Principals - IET Middleware Team - Confluence.pdf - When and how Jira is used within IET-AD
- Jira Usage Handbook for Middleware - IET Middleware Team - Confluence.pdf - Detailed guide for daily usage of Jira
- Middleware Jira Workflow.png - Enlarged image
- Middleware Jira Workflow-2.png - Enlarged image
- QAQC Project Checklist.xls - Checklist of items that should be addressed in each project
- EAccessibility Checklist for Developers - IET Quality Assurance and Quality Control - Confluence.pdf - How to make your web app almost 100% ADA Section 508 compliant
- UC Davis Academic Software Copyright License - IET Middleware Team - Confluence.pdf - Standard license for source code