IT security to the front line - Development processes for IT systems in the Swedish Armed Forces
Publish date: 2024-05-07
Report number: FOI-R--5598--SE
Pages: 77
Written in: Swedish
Keywords:
- IT security
- information security
- development process
- accreditation
- IT governance
Abstract
The cyber domain's importance on the battlefield is growing as the use of IT on the battlefield increases. The reliability and resilience of the IT systems are therefore an important aspect of the overall capabilities in battle. This in turn increases the requirements on the development of IT systems, especially the IT security aspects. This report analyses the strengths and weaknesses in development processes and IT security guidelines used by the Swedish Armed Forces and the Swedish Defence Materiel Administration to develop IT systems. Using interviews, analysis of regulations and analysis of documentation for an IT system, the study has identified areas that affect the outcome of IT security activities. Examples of identified areas are dependence on individuals, missing guidelines for IT security in IT systems used on the battlefield and a fragmented approach to IT security. The study concludes that the current processes do not have a significant impact on the actual IT security. The outcome instead largely depends on who performs the IT security activities. The study ends with recommendations on how to improve the IT security aspect in development projects, including that the Swedish Armed Forces and the Swedish Defence Materiel Administration should:
- Work for a sound IT security culture
- Update processes and guidelines
- Develop supporting methods tailored for the organizations to work with IT security