The software development lifecycle (SDLC) is the structured process organizations use to plan, design, build, test, deploy, and maintain software. It is not a single methodology — it is a framework that describes the phases every software delivery program moves through, regardless of whether the delivery approach is Waterfall, Agile, or Hybrid.
- The SDLC describes phases; methodology describes how you move through them
- Requirements is the most consequential phase because defects introduced here are the most expensive to fix
- UAT is a governance event, not just a testing event
- Release governance is the final control gate before production
The six SDLC phases
Requirements: elicit, document, and baseline what the solution must do. Design: define how the solution will be built to meet those requirements. Build: develop the solution against the design specification. Test: verify that the solution meets requirements through structured testing including unit, integration, system, and user acceptance testing. Deploy: move the validated solution to production through a governed release process. Maintain: manage the post-release defect backlog, enhancements, and performance.
SDLC and delivery methodology
The SDLC describes what phases happen; the delivery methodology describes how you move through them. Waterfall moves through SDLC phases sequentially with formal gates between each. Agile iterates through mini-SDLCs within each sprint: a sprint contains requirements (user stories), design, build, and test within its timebox. Hybrid preserves the high-level phase structure of Waterfall while using Agile execution within phases.
Why requirements is the highest-leverage phase
Defects introduced during requirements cost 50 to 200 times more to fix when discovered at production than when caught at the requirements phase. This is the empirical case for investing in requirements governance: every ambiguous requirement that makes it into design and build will surface again as a defect, a change request, or a failed UAT session — at significantly higher cost.
UAT as governance, not just testing
User acceptance testing is the business's formal confirmation that the solution meets the original requirements. When UAT is run as an informal "click around and see if it seems right" exercise rather than a structured process with test cases traced to requirements, it is not a control — it is theater. Effective UAT governance requires test plans, entry and exit criteria, defect triage, and formal sign-off authority.
Release governance: the final gate
Release governance is the structured process for deciding whether a software build is ready for production. It includes release readiness criteria (what must be true before we can release), a cutover plan (what happens during the release window), a rollback plan (what happens if the release fails), and stakeholder sign-off (who has the authority to approve the release). Programs that treat release as a technical event rather than a governance event take on risk they do not measure.
Frequently asked questions
No. SDLC is a framework describing the phases of software delivery. Agile is a methodology for how to move through those phases. All Agile programs have an SDLC; not all SDLC programs are Agile.
Requirements and post-deployment maintenance are the most commonly compressed phases under schedule pressure. Both compressions create significantly more work downstream.
Requirements: business analyst and product owner. Design: solution architect and technical lead. Build: development team. Test: QA team with business analyst support for UAT. Deploy: DevOps and PM for release governance. Maintain: operations and product team.
Request What Is the Software Development Lifecycle (SDLC)?
Answer a few quick questions. We will recommend the right engagement and follow up within one business day.
Ready to put this into practice?
PMOstart provides consulting, fractional PMO leadership, templates, and tools to help you apply what you just read.