S.R. CWA 15929:2009
Withdrawn
A Withdrawn Standard is one that has been removed from sale and whose unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
BEST PRACTICES FOR THE DESIGN AND DEVELOPMENT OF CRITICAL INFORMATION SYSTEMS
Hardcopy, PDF
13-05-2021
English
01-01-2009
1 Foreword
2 TERMS AND DEFINITIONS
2.1 Definition of a critical information system (CIS)
2.2 Definition of CIS requirements
2.2.1 General
2.2.2 Integrity
2.2.3 Availability
2.2.4 Performance
2.2.5 Capacity
2.2.6 Security
2.2.7 Maintainability
2.2.8 Resilience
2.2.9 Usability
2.3 Additional comments and specific issues
3 GLOBAL MODEL OF CIS REQUIREMENTS
3.1 Overview
3.2 Basic assumptions
3.3 Economic dimension
3.4 Interdependencies of requirements
4 FUNDAMENTAL PRINCIPLES FOR DESIGNING AND BUILDING A CIS
4.1 Introduction
4.2 Identifying and agreeing upon service priorities with stakeholders
4.3 Defining service continuity requirements
4.4 Identifying and agreeing upon what should be monitored
4.5 Setting up an iterative process
4.6 Assuming that problems will occur during the Run phase
4.7 Setting up a control system
4.8 Performing risk and requirement based testing
5 BEST PRACTICES FOR DESIGNING AND DEVELOPING A CIS
5.1 List of best practices
5.2 Mapping practices vs. project phases
5.3 Mapping practices vs. CIS requirements
6 ANNEX 1 - Best Practices Sheets
6.1 BPS # CIS-01 - Modularity
6.2 BPS # CIS-02 - Failure anticipation
6.3 BPS # CIS-03 - Error propagation prevention
6.4 BPS # CIS-04 - Bottleneck identification
6.5 BPS # CIS-05 - Defensive programming
6.6 BPS # CIS-06 - Execution time logging
6.7 BPS # CIS-07 - Resource consumption survey
6.8 BPS # CIS-08 - Early capacity planning
6.9 BPS # CIS-09 - Industrialized testing
6.10 BPS # CIS-10 - Friends and family probes
6.11 BPS # CIS-11 - Transaction ID
6.12 BPS # CIS-12 - Error case logging
6.13 BPS # CIS-13 - Data timestamping
6.14 BPS # CIS-14 - Service monitoring
6.15 BPS # CIS-15 - Shared log service
6.16 BPS # CIS-16 - Runtime reporting
6.17 BPS # CIS-17 - PKI-based traceability
6.18 BPS # CIS-18 - External security audit
6.19 BPS # CIS-19 - Crisis management
6.20 BPS # CIS-20 - Retention management
6.21 BPS # CIS-21 - Failure mode analysis
6.22 BPS # CIS-22 - Compliance with the relevant standards
7 ANNEX 2 - Life Cycle Processes
8 ANNEX 3 - References
9 ANNEX 4 (informative) - Workshop members
Describes a first level European agreement on best practices for market players to ensure quality in designing, developing, maintaining and operating critical information systems, including both applications and infrastructure.
DocumentType | Standard |
Pages | 75 |
PublisherName | National Standards Authority of Ireland |
Status | Withdrawn |
EN 60812:2006 | Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA) |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
IEC 60812:2006 | Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA) |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ARMA 8 : 2005 | RETENTION MANAGEMENT FOR RECORDS AND INFORMATION |
ISO/IEC 15288:2008 | Systems and software engineering — System life cycle processes |
AS/NZS 4360:2004 | Risk management |
ISO/IEC 16085:2006 | Systems and software engineering — Life cycle processes — Risk management |
ISO/IEC 12207:2008 | Systems and software engineering — Software life cycle processes |
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
ISO 14721:2012 | Space data and information transfer systems — Open archival information system (OAIS) — Reference model |
ISO 15489-1:2016 | Information and documentation — Records management — Part 1: Concepts and principles |