Third-Party Resources NIST, TOGAF, IEEE, and other industry standards and frameworks
Third-party resources provide industry-recognized standards, frameworks, and best practices that complement the Netspective Unified Process. These resources help ensure alignment with established methodologies and regulatory requirements.
┌─────────────────────────────────────────────────────────────────────────────┐ │ THIRD-PARTY RESOURCES │ └─────────────────────────────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────────────────────────────┐ │ SECURITY & COMPLIANCE │ │ NIST Frameworks, OWASP, CIS Benchmarks │ └─────────────────────────────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────────────────────────────┐ │ ARCHITECTURE FRAMEWORKS │ │ TOGAF, Zachman, C4 Model │ └─────────────────────────────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────────────────────────────┐ │ ENGINEERING STANDARDS │ │ IEEE, ISO, IEC Standards │ └─────────────────────────────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────────────────────────────┐ │ ENGINEERING PLAYBOOKS │ │ Microsoft, Google, Industry Best Practices │ └─────────────────────────────────────────────────────────────────────────────┘ Standard Publisher Focus NIST Cybersecurity Framework NIST Risk management NIST 800-53 NIST Security controls ISO 27001 ISO Information security OWASP Top 10 OWASP Web application security CIS Benchmarks CIS System hardening
Standard Publisher Focus IEEE 730 IEEE Software quality assurance IEEE 829 IEEE Software test documentation IEEE 1012 IEEE Software verification & validation ISO/IEC 12207 ISO/IEC Software lifecycle processes IEC 62304 IEC Medical device software
Framework Publisher Focus TOGAF The Open Group Enterprise architecture Zachman Zachman International Architecture taxonomy C4 Model Simon Brown Software architecture diagrams ArchiMate The Open Group Architecture modeling
The Microsoft Engineering Playbook provides modern engineering best practices that align with NUP principles.
Topic Description Link Agile Development Sprint practices, ceremonies View Code Reviews Review process and checklists View Automated Testing Testing strategies View CI/CD Pipeline practices View Design Design reviews, patterns View Documentation Documentation standards View Security Security practices View Observability Monitoring, logging View
┌─────────────────────────────────────────────────────────────────────────────┐ │ RESOURCE INTEGRATION MODEL │ └─────────────────────────────────────────────────────────────────────────────┘ NUP Phases & Disciplines │ ▼ ┌─────────────────┐ │ Map to │ │ Standards │────▶ Select applicable standards └────────┬────────┘ (NIST, IEEE, ISO, etc.) │ ▼ ┌─────────────────┐ │ Adopt │ │ Practices │────▶ Integrate best practices └────────┬────────┘ (MS Playbook, OWASP) │ ▼ ┌─────────────────┐ │ Generate │ │ Evidence │────▶ Document compliance └─────────────────┘ (audits, certifications) Choose resources based on:
Regulatory Requirements - What compliance is needed?Industry Context - Healthcare, finance, government?Project Scope - Enterprise-wide or single application?Team Expertise - What does the team already know?
This section fulfills ISO 13485 requirements for regulatory requirements (4.1.1), external documentation (4.2.3), and standards compliance (4.1), and ISO 27001 requirements for compliance with legal requirements (A.5.31), external references (A.5.37), and information security policies (A.5.1).
View full compliance matrix
How is this guide?
