Information systems are either made in-house or bought from external entities. To build or purchase a secure information system or any of its components falls in the discipline of Systems Security Engineering, or Security Engineering for short.
- Systems Engineering is a discipline of applying knowledge to create or acquire a system that is composed of interrelated elements collaborating for a common purpose throughout the system development life cycle (SDLC), or system life cycle (SLC). A life cycle is a collection of predefined stages and processes. “Development” here implies construction or procurement.
- Security Engineering is a specialty discipline of systems engineering. It addresses the protection needs or security requirements throughout the system life cycle.
Building a system component involves a development life cycle (e.g. software development life cycle), as a portion of the system development life cycle, while acquiring one comprises a procurement life cycle as well.