An operating system’s response to a type of failure can be classified as one of the following:

• System reboot
• Emergency system restart
• System cold start

A system reboot takes place after the system shuts itself down in a controlled manner in response to a kernel (trusted computing base) failure. If the system finds inconsistent object data structures or if there is not enough space in some critical tables, a system reboot may take place. This releases resources and returns the system to a more stable and safer state.

An emergency system restart takes place after a system failure happens in an uncontrolled manner. This could be a kernel or media failure caused by lower-privileged user processes attempting to access memory segments that are restricted. The system sees this as an insecure activity that it cannot properly recover from without rebooting. The kernel and user objects could be in an inconsistent state, and data could be lost or corrupted. The system thus goes into a maintenance mode and recovers from the actions taken. Then it is brought back up in a consistent and stable state.

The auditor should play an active part in the project-management process and know the various roles and responsibilities. Auditors should understand who is responsible and be able to identify key stakeholders, some of which include the following:
. Senior management—Provides necessary resources to complete project.
. Stakeholders—A person, group, or business unit that has a share or an interest in the project activities.
. Project steering committee—Ultimately responsible. Must ensure that the stakeholders’ needs are met and oversee direction and scope of project. The committee acts as project-oversight board.
. Project sponsor—Works with the project manager to ensure success and is responsible for allocating funding for the project.
. Project manager—Responsible for day-to-day management of the project team.

Most of us put a lot of effort into cost estimation in our personal lives. When considering a new job offer, most of us look closely at the cost of living in a different area; likewise, when shopping for a new car, most people check with several dealerships to find the best deal. The business world is constrained by the same budget factors. These components drive up the cost of software:

. The chosen source code language—Using an obscure or unpopular language will most likely drive up costs.
. The size of the application—The size or complexity of the application has a bearing on cost. As an example, the level of security needed is something that will affect the complexity of a given application. This also has a direct correlation to the scope of the project.

The SDLC is designed to produce high-quality software in a structured way that minimizes risk. The traditional approach to SDLC is the waterfall model, which contain 6 step of implementation. ISACA uses a modified model that has five primary phases and the post implementation phase.

Phase 1: Feasibility
In this step, the feasibility of the project is considered. The cost of the project must be discussed, as well as the potential benefits that it will bring to the system’s users. A payback analysis must be performed to determine how long the project will take to pay for itself. In other words, the payback analysis determines how much time will lapse before accrued benefits will overtake accrued and continuing costs. If it is determined that the project will move forward, the team will want to develop a preliminary timeline. During the feasibility phase, everyone gets a chance to meet and understand the goals of the project.