14. Evaluate the advantages and disadvantages of security by design (AC 3.4)

There are a number of benefits to using a security-by-design approach. One big advantage is that it's much cheaper to sort out security issues at the start, before they cause any damage. Many businesses add a security to systems that are already in place, often just to tick the boxes for compliance, rather than focusing on the actual risks to the business. When a security is included from the very beginning, it's easier to make sure it fits the specific needs of the organisation.

It also means there may fewer time and budget issues when you build security in from the start. There's more time to create the most effective security system, and you can plan the costs from the beginning. However, one downside to security, by design is that the initial costs can be higher. The system might be more complex and need more specialists to build it . It could also take longer to complete, since the company will need time to figure out exactly what is needed. There's also the change that a system build when company first starts might no longer be suitable later on if the business grow or changes a lot But this can be avoided by designing the system so that it can be adapted without needing to go offline.