The purpose of this document is to provide additional information on a step-by-step approach for achieving secure development lifecycle, in addition to the Phase 1 and Phase 2 baseline requirements. The document aims to provide a deep dive into the topic of secure development lifecycle and define best practices for achieving the same. This includes the following steps: identifying the basic steps for a development lifecycle model and developing best practices for a secure development lifecycle.