Application Developer

Duties

Application developers are required to write computer code generating programs to support the business. They must interface with the project manager and customer or business person who knows the business requirements.

Skills Required

Application developers must be skilled in computer language progeamming. They must know how to document code and be able to create, test and debug code. They must be able to check code for flaws including security flaws.

Policies Affecting the Application Developer

Must Take Specific action

  • Password Policy - Needs to know what capabilities applications and systems should provide related to the password policy such as account reset, password complexity requirements, maximum password age, and password reset functionality.
  • Privacy and Confidentiality Policy - Must be sure projects meet the requirements of this policy such that exceptions do not compromise the confidentiality of data.
  • Information Sensitivity Policy - Applications must be compliant with this policy specifically regarding sensitive data storage and sensitive data transmission.
  • Encryption Policy - Applications must be compliant with this policy specifically regarding when encryption is used and the type of encryption used.
  • Application Implementation Policy - Application programmers must comply with this policy, associated policies and supporting standards.
  • Segregation of Duties Policy - Application developers must have management permission/tasking to modify software according to the policy.
  • Software Standards Policy - Code being developed must be compliant with the software standards and developed according to the functional requirements and the SDLC.
  • Development Life Cycle Policy - Software must be developed within the framework specified by the development life cycle policy.
  • Software Tracking Policy - Software developed must be tracked by version as changes are made according to the policy.

Must be Aware

  • User Privilege Policy - Application developers should be familiar with this policy and grant users only the minimum privileges they need to perform their roles in the applications developed.
  • Account Management Policy - Application developers should be familiar with this policy and write their applications so account management can be properly supported including account creation, account changes, account suspension, and account removal.
  • Employee Termination Policy - Application developers should be familiar with this policy and write programs so accounts can easily be managed according to the policy.
  • Browser Configuration Policy - Application developers should be familiar with this policy so any web based applications will work properly when user's browsers are configured in compliance with the policy.
  • Server Documentation Policy - Application developers should be familiar with this policy since all applications running on servers is to be documented.
  • Change Management Policy - Software developers should be familiar with this policy and specifically the Software Development Requirements which requires source control.
  • Auditing Policy - Software developers should be familiar with this policy since they may be audited for compliance with policies.
  • Preventative Maintenance Policy - Software developers should be familiar with this policy since they should give consideration to preventative maintenance of their application during the project planning phase of the project.
  • Configuration Management Policy - Software developers should be familiar with this policy and specifically the Software Development Requirements which requires source control.
  • Quality Policy - Software developers should be familiar with this policy since code reviews and testing are part of the quality framework.

Affects Job but Awareness not Required

  • Computer Training Policy - Is trained in various technical areas.