information system (e-government) implementation· operation guideline by nia/mospa korea
DESCRIPTION
Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea. Table of Contents. A brief Overview 2. Structure of the guideline 3. The Body Chapter 2 Development of Project Plan Chapter 3 Procurement of ICT Project - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/1.jpg)
Information SystemInformation System(e-Government) (e-Government) Implementation·Implementation· OperationOperation GuidelineGuidelineBy NIA/MoSPA KoreaBy NIA/MoSPA Korea
![Page 2: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/2.jpg)
Table of ContentsTable of Contents
1. A brief Overview
2. Structure of the guideline
3. The Body Chapter 2 Development of Project Plan Chapter 3 Procurement of ICT Project Chapter 4 Selection of Provider and Contract Chapter 5 Project Implementation Chapter 6 Software Secure coding Chapter 7 Audit and Operation
2
![Page 3: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/3.jpg)
Overview history
Establishment(‘`11.9.5) Improvement of procurement and contract system Reflection of the change of other related laws and orders . Change about 30 kinds of contents applicable to all stages
of ICT project (plan‧ procurement‧ contract‧ implementation etc.)
1’st Revision(‘`12.3.6) To decrease the side-effect of preventing big business from
attending to IT project To make an environment friendly to the good small and
medium business 2’nd Revision(‘`12.6.27)
To enhance SW secure coding
3
![Page 4: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/4.jpg)
Legal structure
Parliament
President Decree
Minister order
Manual
Law
Order
4
Manual
Training Training
![Page 5: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/5.jpg)
Contents of the GuidelineContents of the GuidelineSection 1 : General
1.Purpose2. Definition of terms 3. Scope to apply the guideline
4. Basic Principle5. Relation to other laws and orders
Section 2 Development of Project Plan
6. Guideline to select proper H/W/ and S/W 7Guideline for ensuring the use of proper technology and interoperability 8. Evaluation and management of Security 9. Budget plan and cost estimation
10. Special privilege to SME 11. Separate procurement of S/W and H/W 12. Compensation for submitting a proposal 13. Audit 14. Coordination among related entities
Section 3 Procurement of ICT project
15. Clear and detail description of service and system requirement 16. Guideline for writing RFP, items to be included in RFP 17. Deletion of sensitive information in RFP18. Specification of proposal evaluation process , development of standard score sheet19. How to use sub-contract20. Presentation of the proposal21. Use of standard technology(S/W) evaluation
22. Sealing of the estimated price 23 proposed price should be estimated by related government procurement regulation24 Guideline for Pre- release of RFP25. Collection of opinion on the pre-released RFP26. Process to access the RFP 27. Time span for procurement 28. Public explanation of RFP29. Process to submit proposal
5
![Page 6: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/6.jpg)
Contents of the GuidelineContents of the Guideline
Section 4 Selection of provider and contract
30 Composition of evaluation committee 31 Process of the pre-release of a proposal to evaluation committee 32 Process of the Evaluation of proposal 33 Sufficient time allowance for evaluation and correction of extraordinary evaluation score
34 Condition and process of public release of evaluation result35 Release of estimated price and evaluation of the proposed price36 Process of technology and price negotiation
Section 5 project implementation
37 Process of request of sub- contract 38 Approval of sub-contract39 Management of initiation and process report 40 Management of sub-contract 41. Regulation of work place 42. Regulation of workers 43. Monitoring of the abiding the technology use plan
44 Management of standard outcome report 45 Alteration of work scope46 Process of the alteration of work scope47 Payment for the alteration of work scope48 Use of Integrated information resource management (EA)49 Implementation of audit
6
![Page 7: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/7.jpg)
Contents of the Guideline Contents of the Guideline Section 6 S/W Secure coding
50. Principle of S/W secure coding 51. Activity for ensuring S/W secure coding52. Checklist to evaluate S/W weakness
53. Process to analysis S/W weakness54. Certificate and training of S/W secure coding analyst
Section 7 Audit and operation
55 fine for delaying the completion of project56 Process of audit 57 Process of hand over
58. Encouraging the private sector to use the public information resource 59. Process for operation and maintenance 60 Regulation on IP arising in implementing the project
Special section
61 Specific manual will be released by NIA
Appendix 1. Table of special advantage score for the co-participation of SME
2. Number of evaluation committee member by the size of project
3 Checklist for ensuring S/W security 4. Quality requirement for S/W secure coding analyst
Template 1. Technology Use Plan, Technology use result
2. Technology evaluation for interoperability , sharing of information resource, efficiency of the system, information accessibility, appropriateness of technology etc.
3. Document to use sub-contract 4. Evaluation committee report sheet5. Document to start the project 6. Template of system development
plan, pledge for ensuring security and abiding law and regulation while doing project
7
![Page 8: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/8.jpg)
8
Chap. 2. Development of Project PlanChap. 2. Development of Project Plan Standard of HW and SW Acquisition (Sec.6.)
Refer to “Guide tor HW Capacity Estimation” for HW Acquisition
Check the availability of existing commercial SW products before SW development
Obligation of the use of existing commercial SW products Exception) extraordinary high expenses, difficulty in fulfilling the
required functions and maintenance etc.
Modify technology evaluation plan to reflect this requirement
Priority to the products developed by small & medium business
![Page 9: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/9.jpg)
9
Chap.2. Development of Project PlanChap.2. Development of Project Plan Ref) Technology Application plan/result and
Technology evaluation
Business
Plan
(Sec.7)
RFP
(Sec.16) Proposal
Implementation
(Sec.43)
Auditing
(Sec.50)
Operation
(Sec.52)
Technology Application Plan Technology Application Result
Owner Operator Auditor Owner
Procedure
Documents
Person In charge
Technology Evaluation
![Page 10: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/10.jpg)
10
Chap.2. Development of Project PlanChap.2. Development of Project Plan Exam.) Technology application plan/result
(attached form)
item
plan/resultcomme
ntsApplication
partially Applicati
on
no-application NA
Detailed Technology
data expressi
on
o Static expression : HTML 4.01o Dynamic expression- JSP 2.1- ASP- PHP
![Page 11: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/11.jpg)
11
Chap.2. Development of Project PlanChap.2. Development of Project Plan Exam.) Technology evaluation (attached form)
Detailed evaluation item check comments
Do you describe the background and the goal of the business?Do you describe the problem and the improvement of informatization?………………………….
![Page 12: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/12.jpg)
12
Chap. 2. Development of Project PlanChap. 2. Development of Project Plan Technology Application Planning and Technology
Evaluation of Interoperability(Sec.7) Perform Technology Evaluation prior to the final Business
Plan Big project and national security related project need a special
evaluation of technology application in the planning stage Reflect the result of evaluation to Business Plan and RFP
Make Technology Application Planning when owners make Business Plan and RFP
Bidding participant must summit Technology Application Plan when submitting a Proposal and it should be re-submitted when implementing the Project
![Page 13: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/13.jpg)
13
Chap. 2. Development of Project PlanChap. 2. Development of Project Plan Security Review and Management(Sec.8)
In the time of making or modifying Information System, Request security review by NIS(National Intelligence Service) according to“Guide to National Information Security”
Development security countermeasures applicable in the process of procurement, management, and operation of ICT project etc.
Develop countermeasure for protecting personal information
Devise SW Vulnerability countermeasure and let business operator comply it
Budget and Estimation(Sec.9) Refer to “Guide to Estimation of SW business expense ” Acquisition expense of HW and commercial SW
1. the price which is registered at the public procurement service 2. the newest purchase price 3. the lowest price among 3 estimates
![Page 14: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/14.jpg)
14
Chap. 2. Development of Project PlanChap. 2. Development of Project Plan The lowest limit of business expenses which big
SW business can participate(Sec.10) State clearly in RFP※ sales of big business more than 800billion : 8 billion sales of big business less than 800billion : 4billion
Separate Order of SW(Sec.11) Refer to“the objects of Separate Order of SW”※ more than 1 billion of business expense & more than 50million of SW price
Compensation of Proposal(Sec.12) Refer to“Operation regulation for compensation of SW
proposal”※ compensate for the good proposal with money
![Page 15: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/15.jpg)
15
Chap. 2. Development of Project PlanChap. 2. Development of Project Plan Audit(Sec.13)
Refer to “IT Audit Standard”※audit scope, procedure and obligation, registration of audit firm, qualification and education of IT auditor etc.
→ Sec.50. auditing
Advance Consultation(Sec.14) Refer to “regulation to Advance consultation for e-
government business”※ Main purpose is to filter the duplication among systems
![Page 16: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/16.jpg)
16
Chap. 3.Chap. 3. OrderOrder Requirement Disambiguation of RFP(Sec.15)
State the requirement of RFP clearly though Function list and requirement specification etc.
In the time of ISP, Make the requirement of RFP through the business operator of ISP and Apply them to RFP
Refer to “The guide to make requirements of RFP”
→ Sec.16. Making RFP Sec.45. Changing Tasks Sec.46. Procedure of Changing Tasks Sec.47. Payment of Changing Tasks
![Page 17: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/17.jpg)
17
Chap. 3.Chap. 3. OrderOrder Making RFP(Sec.16.)
Include below contents to RFP 1. Tasks and requirements 2. Contract condition 3. Evaluation item and method 4. Size of Proposal sheet·summit method·biding type 5. Compensation of Proposal 6. Items which business operators must comply a. State Price for a subcontract clearly to RFP b. propriety of subcontract c. Technology Application Plan d. SW secure coding compliance e. Obligation of proposal presentation by PM f. Making and submit of standard documents
![Page 18: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/18.jpg)
18
Chap. 3.Chap. 3. OrderOrder RFP Security(Sec.17)
Consider not to include security issues in RFP
1. IP address of Information systems 2. system diagram and current condition of systems like vendors,
versions etc. 3. configuration information of systems 4. access authority like user id, password etc. 5. analysis report of system vulnerability 6. current status of information protection products like Firewall ㆍ
IPS etc. and NW devices like router ㆍ switch etc. 7. closed objects according to“Public information act” 8. personal information 9. confidential items etc.
![Page 19: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/19.jpg)
19
Chap. 3.Chap. 3. OrderOrder Evaluation Scale(Sec.18)
In the time of negotiated contact, technology : price = 90:10
Exception) technology : price = 80:20 1. HW ratio is more than 50% 2. business expense is less than 0.1 billion etc.
![Page 20: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/20.jpg)
20
Chap. 3.Chap. 3. OrderOrder Ref) subcontracting management
Order Selection and
Contract
Owner Operator Owner
stage
Check list
PersonIn charge
request of price for a subcontract (Sec.19)
Execution
Approval Application(
Sec.37)
Approval(Sec.38)Management
(Sec.40)
Review of price for a
subcontract (Sec.36)
![Page 21: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/21.jpg)
21
Chap. 3.Chap. 3. OrderOrder Price for a subcontract (Sec.19)
State Direct labor cost, overhead expense, and engineering fee clearly in RFP
1. direct labor cost : 100% of unit wages 2. overhead expense + engineering : more than 20% of direct labor cost
※ example
The Owner pays for a subcontract directly or Business operator pays for a subcontract within 15 days
Calculation basis price The lowest price for a subcontract
Unit wages unit wages of SW 100 100overhead Unit wages of SW X 1.1 110
20Engineering fee
(Unit wages of SW+overhead) X 0.2
42
sum 252 120
![Page 22: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/22.jpg)
22
Chap. 3.Chap. 3. OrderOrder Price for a subcontract (Sec.19)
→ Sec.36. Technique and Price Negotiation Sec.37. Approval Application of subcontracting Sec.38. Subcontracting Approval Sec.40. Subcontracting Management
![Page 23: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/23.jpg)
23
Chap. 3.Chap. 3. OrderOrder Proposal Presentation(Sec.21)
PM must make a presentation by himself Technical Evaluation Standard(Sec.21)
Refer to“SW Technology evaluation standard” designate at least 6 Relative evaluation items for
discrimination of technology Enlarge evaluation ratio for small & medium business
consortium Furnishing of Predetermined Price(Sec.22)
Determine Predetermined price before proposal submit Seal it and Keep it in secrete
Predetermined Price Determination Standard(Sec.23) Refer to “National Contract Act”for determination standard
and procedure etc.
![Page 24: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/24.jpg)
24
Chap. 3.Chap. 3. OrderOrder Advance Publication of RFP(Sec.24)
Make public on National procurement service “ww.g2b.go.kr” and homepage of each organization for 5 days (3dyas in urgent case)
1. business name 2. organization name 3. budget 4. expiration date of comment 5. contact number and name 6. delivery deadline 7. RFP etc.
Exception of advance publication 1. in case of no time for competition and special appointment
contract 2. in case of security products 3. product whose estimated price is less than 0.1 billion 4. in case of second time of publication of RFP→ Sec.25. Review on comment of Advance Publication
![Page 25: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/25.jpg)
25
Chap. 3.Chap. 3. OrderOrder Review on comment of Advance Publication(Sec.25)
Review the comment and inform the result to the offerer
reflect accepted comment to RFP
Composite a committee for the fair review
![Page 26: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/26.jpg)
26
Chap. 3.Chap. 3. OrderOrder RFP issue and Reading(Sec.26)
Refer to“standard for negotiated contract” Bid Announcement Period (Sec.27)
Period Business type
urgent
10days
- the urgent system development like law revision, disaster etc.
- less than 3 months of project period- audit project- re-bid project
20days Less than 1 billion of estimated price
25daysMore than 1 billion of estimated price ~Less than 4 billion of estimated price
30days More than 4 billion of estimated pricenormal 40days
![Page 27: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/27.jpg)
27
Chap. 3.Chap. 3. OrderOrder Presentation Meeting about RFP(Sec.28)
Host Presentation meeting for bidders(option) State date & time, place etc. in RFP
Proposal Submission(Sec.29) Bidders submit RFP and a price bid separately Seal the price bid and and Keep them in secrete until
unsealing a bidding price and Evaluation
→ Sec.35(unsealing a bidding price and Evaluation)
![Page 28: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/28.jpg)
28
Chap. 4.Chap. 4. Selection and Contract Composition of Evaluation Committee(Sec.30)
Composite the evaluation committee with experts from public officials, professors, researchers, industrial experts
Appoint public officials as committee members within 50%
Advance Distribution of Proposal(Sec.31) In case of detailed review, distribute proposals toe
evaluation committee members in advance Make security policy to prevent from leakage of proposals
![Page 29: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/29.jpg)
29
Chap. 4.Chap. 4. Selection and Contract Proposal Evaluation(Sec.32)
Evaluate with proposals Check the identity of presenter※ if the presenter is not PM, he can’t make a presentation
Review Time of Proposal and Adjustment of Evaluation Score(Sec.33) Make Review time of Proposal
1. Less than 1 billion business : 90 Min.2. Less than 2 billion business : 120 Min. 3. Less than 4 billion business : 150 Min.4. more than 1 billion business : 180 Min.
Adjust Evaluation Score in case of suspicious situation
![Page 30: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/30.jpg)
30
Chap. 4.Chap. 4. Selection and Contract Publication of Technology Evaluation Result(Sec.34)
In case of more than 2 billion business, make public the evaluation result
unsealing a bidding price and Evaluation(Sec.35) After the technology evaluation, unseal a bidding price
and evaluate it without delay Technology and Price Negotiation(Sec.36)
Refer to “National Contract Act” In case of changing the task, consider price for a
subcontract also.
![Page 31: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/31.jpg)
31
Chap. 5.Chap. 5. ExecutionExecution Approval Application of subcontracting(Sec.37)
The Business operator summit to get approval for subcontracting
Include approval application of subcontracting, detailed calculation report, business fulfillment plan of subcontracting(include detailed schedule) etc.
Subcontracting Approval(Sec.38) Check price for a subcontract In case of less than the standard of price for a
subcontract, refuse it Notice it clearly within 14 days, or It regards as approval
![Page 32: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/32.jpg)
32
Chap. 5.Chap. 5. ExecutionExecution Lunching and Report(Sec.39)
The Business operator summit business lunching report within 10 days after contract
In case of complementary, complement it within 7 days Ask lunching meeting, if it needs
Subcontracting Management(Sec.40) The Subcontractor summits compliance report of
subcontracting In case of unfulfilling, report it to Fair Trade Commision
![Page 33: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/33.jpg)
33
Chap. 5.Chap. 5. ExecutionExecution Workplace(Sec.41)
Decide workplace with the business operator Prepare workplace, if budget don’t include the expense
for workplace Consider Remote place development, if it is possible
Human Resource Management(Sec.42) In case of FP, don’t use head-counting management
Compliance of Technology Application Planning(Sec.43) The business operator comply with Technology
Application Plan and summit the result
![Page 34: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/34.jpg)
34
Chap. 5.Chap. 5. ExecutionExecution Standard Documents(Sec.44)
Receive standard documents and keep them consistency to use in the time of operation and maintenance
Changing Tasks(Sec.45) Change task, if it is necessary
Procedure of Changing Tasks(Sec.46) Comply the procedure according to to “industrial
development act” and “general condition of service contract”
Payment of Changing Tasks(Sec.47) Adjust the business expense according to “Enforcement
decree of national contract act”
![Page 35: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/35.jpg)
35
Chap. 5.Chap. 5. ExecutionExecution Integration Management of Information
Resource(Sec.48) Register information resource to “National EA portal
(www.geap.go.kr)” Use the system to manage the status and statistics
information resource Auditing(Sec.49)
Follow up the action plan for audit according to audit report
Auditors write the compliance result between Technology application plan and the result
![Page 36: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/36.jpg)
36
Chap.6.Chap.6. Software Secure Coding Principal of SW Secure Coding(Sec.50)
Comply with SW secure coding In case of new development : all sw codes In case of maintenance : modified sw codes
Activity of SW Secure Coding (Sec.51) In time of proposal evaluation, evaluate reasonability of
the tools, procedures, method etc. Refer to “SW secure coding guide” developers/programmers are trained with secure coding
![Page 37: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/37.jpg)
37
Chap.6.Chap.6. Software Secure Coding Diagnosis standard of Security Weakness (Sec.52)
Refer to mandatory diagnosis item Diagnosis Procedure of Security Weakness(Sec.53)
Diagnose to remove the security weakness Include diagnosis to Audit check list Use the tool to remove the security weakness Business operators verify to remove the security weakness
Diagnostician(Sec.54) Qualified experts Registered in Ministry of Security and Public Administration Management of Diagnostician
![Page 38: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/38.jpg)
38
Chap.7. Examination and Operation Compensation of Deferment(Sec.55)
Calculate it according to “general condition of service contract”
Examination(Sec.56) Examine it according to “general condition of service
contract” Check the compliance between Technology application
plan and the result Check the non-conformity of Audit report to be corrected
Private Application of Information Resource(Sec.58) share information resource with the private through
“public data portal(www.data.go.kr)”or your own Information system
![Page 39: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/39.jpg)
39
Chap.7. Examination and Operation Operation and Maintenance(Sec.59)
In case of modification of systems, make consistency between systems and documents
Make manual of operation and maintenance though the business operator
Attribution of Intellectual Property and Deposit of Technical Data(Sec.60) Refer to“general condition of service contract”
![Page 40: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/40.jpg)
Ref1) Structure of User Requirement Ref1) Structure of User Requirement
40
NO Requirement type code
1 System overview and Function list BR
2 Function requirement FR
3 Performance requirement PR
4 Quality requirement QR
4.1 reliability QRR
4.2 Availability QUR
4.3 Maintenance QMR
4.4 Portability QPR
4.5 Security QSR
5 Interface requirement IR
6 Data requirement DR
7 Operation requirement OR
8 constraints CO
![Page 41: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/41.jpg)
Ref2) Flow of CBD documents Ref2) Flow of CBD documents
41
Analysis Design Implementation
Test
IntegrationTest result
AcceptanceTest Scenario
tio
Definition and analysis of requirement
Use caseSpecification
Requirement Defintiion
Testing
System testresult
AcceptanceTest result
Acceptance
Sourcecode Unit test result
RFPProposalBusiness
Fulfillment plan
Meeting result
…
Class
Classdesign
Componentcomponent
design
user interface
design
Screen
DatabaseEntity relationship
description
Database design
Data conversion and initial data
design
Conversion
test plan
Test
IntegrationTest
scenario
System testscenario
Unit testcase
architecturedesign
Architecture
Interfacedesign
Interface
DatabaseDatabase table
User manual
Training
Operatormanual
System Installation
result
Installation
Requirement traceRequirement trace
![Page 42: Information System (e-Government) Implementation· Operation Guideline By NIA/MoSPA Korea](https://reader035.vdocument.in/reader035/viewer/2022062501/56815d3c550346895dcb4096/html5/thumbnails/42.jpg)
42
Q & A