[t]he period of time that begins when a system is conceived and ends when the system is no longer available for use.[1]
”
“
[t]he stages through which a system passes, typically characterized as initiation, development, operation, and termination (i.e., sanitization, disposal and/or destruction).[2]
”
“
[e]volution of a system, product, service, project or other human-made entity from conception through retirement.[3]
”
Overview[]
A system life cycle involves all phases of a system's existence, including
Initiation: During the initiation phase, the need for a system is expressed and the purpose of the system is documented. Activities include conducting an impact assessment in accordance with NIST, FIPS 199.[4]
Development/Acquisition: During this phase, the system is designed, purchased, programmed, developed, or otherwise constructed. This phase often consists of other defined cycles, such as the system development cycle or the acquisition cycle. Activities include determining security requirements, incorporating security requirements into specifications, and obtaining the system.
Operation/Maintenance: During this phase, the system performs its work. Typically, the system is also being modified by the addition of hardware and software and by numerous other events. Activities include security operations and administration, operational assurance, and audits and monitoring.