The Security Systems Development Lifecycle
To ensure that information security is properly managed, businesses have implemented an approach called the security systems development life cycle. The security systems development life cycle consists of six phases, and each phase is crucial to the others. Starting with the initial phase, the six phases are investigation, analysis, logical design, physical design, implementation, and finally maintenance and change. Each security phase is an integral part of the systems development lifecycle due to its lifecycle process.

The investigation phase is the beginning of the systems development life cycle and is considered the most important (Whitman, 2015, p. 27). As Whitman (2015) points out, the first step is to determine what problem is to be solved, and it begins with a company information security policy. This policy sets the framework for a security program within the organization (Whitman, 2015, p. 27). Not only are problems discovered at this stage, but the objectives, constraints and scope of the project are also clarified (Whitman, 2015, p. 25). These help determine whether or not the company should pursue implementation (Whitman, 2015, p. 25). As the first process, investigation does not necessarily have a predecessor unless the current system can support the evolving mission of the organization (Whitman, 2015, p. 26). At this stage, maintenance and change is considered the predecessor and the analysis process the successor.

Analysis follows as a phase used to study the results of the investigation phase, consistent with Whitman (2015). The survey results from the previous phase are used by the development team to perform an analysis of......in the middle of the paper......fe, there would be no incident response action in place, leaving a huge vulnerability in the event of a disaster. Physical design is the phase where physical security measures are created to ensure that technologies are well protected. With this measure, data breaches and other malicious attacks could harm the business. With software implementation, this phase gives businesses the opportunity to create or purchase security solutions instead of presenting users with a broken system that lacks the protection it requires. Finally, without the security of consistent testing and monitoring during the maintenance and change phase, systems will become outdated, obsolete and detrimental to the business itself (Whitman, 2015, p. 29). As fundamental as it may seem, without security in the software development lifecycle, you expose a business to many potential vulnerabilities.