5 Part 5: V-Modell Reference Work Products

5.3 Products

5.3.7 Requirements and Analyses

5.3.7.8 Data Protection Concept

Process module: Safety and Security (Supplier)

Responsible: Data Protection Manager (when using process module Safety and Security (Supplier))

Activity: Preparing Data Protection Concept

Participating: Security Manager

Work Product Attributes: initial

Purpose

The data protection concept regulates the implementation of legal data protection standards for the handling of personal data.

It includes statements on the following:

Is generated by

Software Implementation, Integration and Evaluation Concept, Software Architecture (see product dependency 4.18)

Hardware Architecture, Hardware Implementation, Integration and Evaluation Concept (see product dependency 4.7)

Software Implementation, Integration and Evaluation Concept, Software Architecture (see product dependency 4.19)

Software Implementation, Integration and Evaluation Concept, Software Architecture (see product dependency 4.17)

Hardware Architecture, Hardware Implementation, Integration and Evaluation Concept (see product dependency 4.8)

Hardware Architecture, Hardware Implementation, Integration and Evaluation Concept (see product dependency 4.6)

System Implementation, Integration and Evaluation Concept, Enabling System Architecture (see product dependency 4.16)

Enabling System Implementation, Integration, and Evaluation Concept, Enabling System Architecture (see product dependency 4.24)

Enabling System Implementation, Integration, and Evaluation Concept, Enabling System Architecture (see product dependency 4.5)

Enabling System Implementation, Integration, and Evaluation Concept, Enabling System Architecture (see product dependency 4.21)

System Implementation, Integration and Evaluation Concept, System Architecture (see product dependency 4.15)

System Implementation, Integration and Evaluation Concept, System Architecture (see product dependency 4.23)

System Implementation, Integration and Evaluation Concept, System Architecture (see product dependency 4.4)

System Implementation, Integration and Evaluation Concept, System Architecture (see product dependency 4.20)

Overall System Specification (see product dependency 4.25)

Overall System Specification (see product dependency 4.26)

Depends on

Project Manual, Information Security Concept, Safety and Security Analysis (see product dependency 5.46)

Project Manual, Overall System Specification, Information Security Concept (see product dependency 5.47)

5.3.7.8.1 Legal Foundations and Their Implementation

The legal data protection provisions and regulations required for the handling of personal data shall be identified.

5.3.7.8.2 Origin and Purpose of Processing Personal Data

Origin and purpose of processing personal data shall be presented.

5.3.7.8.3 System Survey and Protection Requirements

The system survey shall focus on system elements which process personal data. The protection requirements for personal data will be specified.

5.3.7.8.4 Risks

Possible risks incurred when processing personal data shall be identified.

5.3.7.8.5 Requirements and Measures

The data protection concept shall fulfill all legal data protection requirements, e.g., legal, technical, organizational, and material requirements. In addition, the requirements must be covered completely by appropriate measures. Aspects to be covered include, but are not limited to, the following:

Part 1: Fundamentals of the V-Modell
Part 2: A Tour through the V-Modell
Part 3: V-Modell Reference Tailoring
Part 4: V-Modell Reference Roles
Part 5: V-Modell Reference Work Products
Introduction
Overview of the Product Model of the V-Modell
Products
Supply and Contracting
Planning and Control
Reporting
Configuration and Change Management
Evaluation
Acquisition and Contracting
Requirements and Analyses
Proposal for the Introduction and Maintenance of an Organization-Specific Process Model
Project Proposal
Requirements Specification Overall Project
Evaluation of the Overall Project Requirements Specification
Requirements Specification
Requirements Evaluation
User Tasks Analysis
Data Protection Concept
Legal Foundations and Their Implementation
Origin and Purpose of Processing Personal Data
System Survey and Protection Requirements
Risks
Requirements and Measures
Information Security Concept
Safety and Security Analysis
Legacy System Analysis
Market Survey for Off-the-Shelf Products
Make-or-Buy Decision
System Elements
System Specifications
System Design
Logistic Elements
Logistic Conception
Process Improvement
Generative Product Dependencies
Content-Related Product Dependencies
Product Index (According to Disciplines)
Product Index (alphabetically)
List of Figures
Part 6: V-Modell Reference Activities
Part 7: V-Modell Reference Mapping to Standards
Part 8: Annex
Part 9: Templates