Which of the following are the steps usually followed in the development of documents such as security policy,standards and procedures?

A.
design, development, publication, coding, and testing

B.
design, evaluation, approval, publication, and implementation

C.
initiation, evaluation, development, approval, publication, implementation, and maintenance

D.
feasibility, development, approval, implementation, and integration

Explanation:
A project management style approach is used the development of documents such as security policy,
standards and procedures.
In the initiation and evaluation stage, a written proposal is submitted to management stating the objectives of
the particular document.
In the development phase, a team is assembled for the creation of the document.
In the approval phase, the document is presented to the appropriate body within the organization for approval.
In the publication phase, the document is published within the organization.
In the implementation phase, the various groups affected by the new document commence its implementation.
In the maintenance phase, the document is reviewed on the review date agreed in the development phase.
Incorrect Answers:
A: Design, coding and testing are not phases in the development of documents such as security policy,
standards and procedures.
B: Design and implementation are not phases in the development of documents such as security policy,
standards and procedures.
D: Feasibility and integration are not phases in the development of documents such as security policy,
standards and procedures.

Information Security Management Handbook, Fourth Edition, Volume 3 by Harold. F. Tipton. Page 380-382.