IBM Security in the Software Development Lifecycle
|
|
- Ralf Nash
- 8 years ago
- Views:
Transcription
1 IBM Security in the Software Development Lifecycle Service Definition 1
2 1. Summary 1.1 Service Description This offering is provided by IBM Global Technology Services, Security and Privacy, for the design and implementation of security measures, professionally tailored to meet your organisation s specific needs through each stage of the development lifecycle. IBM offers thorough, end-to-end security services designed to identify and address the specific needs of client software development projects. Its highly knowledgeable team of registered CLAS consultants and security architects have between them many years experience of implementing security programmes across both the public and private sectors, as well as for organisations of many different sizes, representing a spectrum of industries. They offer in-depth, personalised consultations, with the aim of forming a good understanding of the client s business, style of working and the focus of the specific project. The IBM team then formulates a bespoke roadmap of security activities, tailored to ideally fit with the phases of the project and suit the specific requirements of the client. The service incorporates advice and guidance on all areas of security including: Physical security e.g. secure perimeters Information security e.g. firewalls, password protection Personnel security e.g. access control Network security Architecture and solution designs Specifications in which IBM has a great deal of prior experience include the design and implementation of security processes on projects that ensure compliance with recognised standards such as ISO We also tailor our methods to those that fit best with the client s modus operandi, for example endeavouring to keep system outages to a minimum in order to maintain key live environments. Dependent on our clients requirements and budget, we offer full management of security roadmap implementation or continued consultation support for clients own implementation teams. 2
3 1.2 Service Characteristics Lot Applicability Security in the Development Lifecycle Any medium-large public or private sector organisation embarking on a development project, for which they require comprehensive security protection. Contract Duration Contract Price Lead time to start Related Lot(s) /Offering(s) Flexible to be agreed in the Call-Off Order Variable based on time and materials depending on agreeing, with the Contracting Authority, the resources required for the Call-Off Order, based on the IBM SFIA rate table. The price will be subject to VAT and out of pocket expenses incurred outside the M25. 2 weeks IBM Hosted Vulnerability Management 'VMS' IBM Host Security Event and Log Management (SELM) 1.3 Why IBM IBM has been a member of the CESG Listed Adviser Scheme (CLAS) since 2002 and currently employs a total of 11 CLAS consultants as well as high quality independent contractors. In addition to CLAS, our consultants hold qualifications such as CISSP, CISM, CISA, IISP, ISO27001 Lead Auditor & Implementer, CSSLP, CRISC, Certified Data Protection Practitioner, CEH and Tiger Scheme as well as IBM Certification at Experienced and Expert levels as Security Consultants and Security Architects. As a List X organisation IBM has a full time List-X Security Controller with access to the full Security Policy Framework. We work closely with the security authorities to implement physical and personnel security as well as information security. As a result of this our CLAS consultants are able to advise on vetting and physical security matters, undertaking a Security Assessment for Protectively Marked Assets (SAPMA) where appropriate. Our approach to documenting and delivering information security controls, processes and procedures consistently is in accord with ISO/IEC27002:2005. We have extended this with technical standards for implementation and configuration of security functions, based on our extensive experience of deploying solutions in high assurance environments. This approach, together with other applicable industry standards, including ISO/IEC27003, ISO/IEC 27005, SAS70, COBIT and ITIL, provides a unique integrated management system that fully meets specific security requirements. This approach was used to great 3
4 effect on recent projects including IABS for the UKBA which was accredited for live operations in February Accreditation included signing the GSI Code of Connection and interconnecting with POISE (Home Office IT system) and the UKBA Warnings Index. IBM has a strong catalogue of experience in designing and implementing security processes for all types of organisations. We have a constant presence in numerous large-scale public sector projects and also do a great deal of security work for private companies in the telecommunications, financial and industrial spheres. Our consultants have backgrounds in various types of project and are skilled at assessing an organisation s business and project requirements and designing bespoke security solutions accordingly. 1.4 Contact Contact Name Steve Cliff Title IBM UK Cloud Alliances Executive Address PO Box 41 North Harbour Portsmouth Hants, PO6 3AU Contact stevecliff@uk.ibm.com Contact Phone
5 2. Delivery 2.1 Context During a development project, numerous new security vulnerabilities inevitably arise: the creation or application of intellectual property in a new capacity necessitates the implementation of protective measures; involvement with other organisations may pose a risk to personal or business data security, possibly even requiring adherence to prespecified standards such as ISO27001; and access control must be considered to protect against asset loss or mismanagement. When all hands are occupied with development work, it is often all too easy to let security considerations slip, and yet this could store up potentially serious problems for the future. 2.2 What we will deliver With this service offering, IBM takes responsibility for identifying and assessing all the potential security threats applicable to a project and provides detailed professional guidance on the measures that may be taken to address these. IBM will work with you to fully understand the nature and complexities of your business in order to provide the most closely-applicable, thorough and watertight security solutions possible. Our highly experienced consultants have extensive knowledge of applying security measures to many different types of organisation, so they offer a clear, tested, and sharply-defined service, which delivers palpable value quickly. Some of the specific services IBM offers as part of its package are: Thorough analysis of the potential security issues at each stage of the development lifecycle. This can be achieved using the Capability Maturity Model Integration (CMMI) standard Tailored and documented strategies, covering physical, personnel, network and information security Continued consultations with CLAS consultants as required throughout each stage of the project Pen testing Managed Security Working Group (SWG) meetings to ensure regular communication with your organisation and keep track of new security-related issues We will work with you to define the initiatives that will enable you to achieve your security goals, whether these are determined by yourselves, your clients or government or global standards, such as the ISO We will craft a realistic roadmap, which will 5
6 include a proposal of how we can support you in achieving the desired outcome by applying a number of skilled IBM delivery professionals into your delivery organisation to give you some short term delivery capacity, allowing you to free up your own team to deliver the changes required. 2.3 Commercials This will be a Time and Materials contract however, following the first phase of the work, there could be the opportunity to discuss the conversion of the initial quote into either a Fixed Price or Risk/Reward based contract in order to provide increased flexibility for your organisation. Initial work will be carried out under the Strategy and Architecture category of the IBM SFIA rate table unless agreed otherwise. Follow on work will be under the appropriate category(ies) of the IBM SFIA rate table. The scope of work will be set out in the Call Off Order Form and agreed by both parties. Follow on services to enable you to complete implementation of cloud services can be provided by IBM. Details should be agreed via the Call-Off Order and priced using the IBM SFIA rate card. 2.4 Key Points Other key points to note are as follows: This offering is subject to availability of IBM resources. The Charges for this Service are on the basis that no Parent Company Guarantee is required. If one is required and agreed to by IBM then the Charges will be revised accordingly. The pricing and terms on individual call-off orders should be handled as commercially sensitive by the Contracting Body. As the work is of a sensitive and secure nature, security standards will be agreed between IBM and the Contracting Body, and IBM will ask the Contracting Body to issue a Security Aspects letter. The work is subject to IBM s Terms of Business, which are attached separately to this catalogue item. 6
IBM Hosted Application Scanning
IBM Hosted Application Scanning Service Definition IBM Hosted Application Scanning 1 1. Summary 1.1 Service Description IBM Hosted Application Security Services Production Application Scanning Service
More informationIBM Penetration Testing Services
IBM Penetration Testing Services Service Definition IBM Penetration Testing Services 1 1. Summary 1.1 Service Description IBM offers a comprehensive set of Security Assessment and Penetration Testing services,
More informationCustomer Management - Cloud Transformation Services
Customer Management - Cloud Transformation Services The Customer Management services IBM offer include customer strategy development, customer experience design and the design and build of CRM, digital,
More informationIBM Business Analytics Requirements Analysis and Planning
IBM Business Analytics Requirements Analysis and Planning Service Definition IBM Business Analytics Requirements Analysis and Planning 1 1. Summary 1.1 Service Description As an integral part of IBM Business
More informationHR Cloud IT Strategy. HR Cloud IT Strategy 1
HR Cloud IT Strategy This offering will produce a defined strategy for HR in the Cloud and a roadmap to support the execution of the strategy. The service will work with customers to envision and articulate
More informationData Centre Facilities Assessment, Design and Build. Service Definition. G Cloud V IBM Data Centre Facilities Assessment, Design & Build 1
Data Centre Facilities Assessment, Design and Build Service Definition 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Technology, Infrastructure Technology Services, and provides
More informationAutomated Cloud Environment Build Service
Automated Cloud Environment Build Service Service Definition Cloud Application Design, Delivery and Integration (DDI) 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business
More informationIBM Mobile Strategy Accelerator
IBM Mobile Strategy Accelerator The IBM Mobile Strategy Accelerator is an 8-12 week focused strategic offering which deploys experienced IBM Enterprise Mobility Subject Matter Experts into your business
More informationIBM Sterling Order Management
IBM Sterling Order Management Service Definition 1 1. Summary 1.1 Service Description IBM Sterling Order Management provides a centralised inventory, order promising and fulfilment hub facilitating omni-channel
More informationIBM G-Cloud Application Systems Management as a Service
IBM G-Cloud Application Systems Management as a Service Service Definition 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business Services and provides a Systems Management
More informationIBM Transport Management System
IBM Transport Management System Service Definition 1 1. Summary 1.1 Service Description IBM Sterling Transportation Management System (Sterling TMS) is a carrier management, cloud-based system that optimizes
More informationIBM Web Server as a Service
IBM Web Server as a Service Service Definition IBM G-Cloud Web Server as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business Services and provides a Web Server
More informationIBM Database as a Service
IBM Database as a Service Service Definition IBM G-Cloud Database as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business Services and provides a versatile (relational
More informationPractitioner Certificate in Information Assurance Architecture (PCiIAA)
Practitioner Certificate in Information Assurance Architecture (PCiIAA) 15 th August, 2015 v2.1 Course Introduction 1.1. Overview A Security Architect (SA) is a senior-level enterprise architect role,
More informationCyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13
Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...
More informationGrowth Through Excellence
Growth Through Excellence Public/Private Cloud Services Service Definition Document G- Cloud 5 REFERENCE NUMBER RM1557v Table of Contents Table of Contents... 3 Executive Summary... 4 About the Company...
More informationDIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES
G Cloud IV Framework Lot 4 DIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES Service Description - ANSEC IA Limited CONTENTS 1 Company Profile. 2 The ANSEC Effect 3 Qualifications 4 Service Description..
More informationIRAP Policy and Procedures up to date as of 16 September 2014.
Australian Signals Directorate Cyber and Information Security Division Information Security Registered Assessors Program Policy and Procedures 09/2014 IRAP Policy and Procedures 09/2014 1 IRAP Policy and
More informationFoundation Bridge in IT Service Management (ITSM) according to ISO/IEC 20000. Specification Sheet. ISO/IEC 20000 Foundation Bridge TÜV SÜD Akademie
Foundation Bridge in IT Service Management (ITSM) according to ISO/IEC 20000 Specification Sheet TÜV SÜD Akademie Issue: 2.0 Date: 25 October 2012 Table of Contents 1 Reading aid... 4 2 ISO/IEC 20000 -
More informationIPL Service Definition - Data Recovery, Conversion and Migration
IPL Proposal IPL Service Definition - Data Recovery, Conversion and Migration Project: Date: 10 April 2014 Issue Number: V1 Customer: Crown Commercial Service Page 1 of 10 IPL Information Processing Limited
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationICT and Information Security Resources
Methods GCloud Service Definition ICT and Information Security Resources HEAD OFFICE: 125 Shaftesbury Avenue, London WC2H 8AD Scottish Office: Exchange Place 2, 5 Semple Street, Edinburgh, EH3 8BL t: +44
More informationCareer Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88
Career Survey 1. In which country are you based? 88 answered question 88 skipped question 0 2. What is your job title? 88 answered question 88 skipped question 0 3. Travel budget not at all 21.0% 17 somewhat
More informationHP Cyber Security Control Cyber Insight & Defence
HP Cyber Security Control Cyber Insight & Defence Security awareness at board level Security leadership is under immense pressure Cyber threat Extended supply chain Financial loss Reputation damage Cost
More informationIBM G-Cloud Microsoft Windows Active Directory as a Service
IBM G-Cloud Microsoft Windows Active Directory as a Service Service Definition IBM G-Cloud Windows AD as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business
More informationSupporting information technology risk management
IBM Global Technology Services Thought Leadership White Paper October 2011 Supporting information technology risk management It takes an entire organization 2 Supporting information technology risk management
More informationCenturyLink Disaster Recovery Service. G-Cloud V Lot 4 (Specialist Cloud Services)
CenturyLink Disaster Recovery Service G-Cloud V Lot 4 (Specialist Cloud Services) Overview of the Service To help public sector organisations be prepared in the event of a disaster, CenturyLink Technology
More informationG-Cloud Service Definition. Atos Data Quality Audit SCS
G-Cloud Service Definition Atos Data Quality Audit SCS Atos Data Quality Audit SCS As organisations increasingly utilise a hybrid of Legacy and Cloud based technology platforms, it becomes increasingly
More informationKEY TRENDS AND DRIVERS OF SECURITY
CYBERSECURITY: ISSUES AND ISACA S RESPONSE Speaker: Renato Burazer, CISA,CISM,CRISC,CGEIT,CISSP KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures
More informationChoosing Ascentor as your cyber security partner. Secure your information Strengthen your business
Secure your information Strengthen your business Choosing Ascentor as your cyber security partner www.ascentor.co.uk Ascentor Ltd 5 Wheatstone Court, Davy Way Waterwells Business Park Quedgeley, Gloucester
More informationService Definition. IBM Kenexa Learning Management and Learning Content Management Systems 1
IBM Kenexa Learning Management and Learning Content Management Systems Service Definition IBM Kenexa Learning Management and Learning Content Management Systems 1 1. Summary 1.1 Service Description The
More informationA Guide to the Cyber Essentials Scheme
A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane
More informationFirewall Administration and Management
Firewall Administration and Management Preventing unauthorised access and costly breaches G-Cloud 5 Service Definition CONTENTS Overview of Service... 2 Protects Systems and data... 2 Optimise firewall
More informationQuestions and answers relating to Restricted tender procedure EMA/2012/19/IS Provision of Security Consultancy Services
30 October 2012 EMA/702274/2012 Questions and answers relating to Restricted tender procedure EMA/2012/19/IS Provision of Security Consultancy Services Table of contents Questions and answers... 2 Document
More informationBCS Specialist Certificate in Change Management Syllabus
BCS Specialist Certificate in Change Management Syllabus Version 1.9 March 2015 BCS Specialist Certificate in Change Management Syllabus Contents Change History... 2 Rationale... 3 Aims and Objectives...
More informationOver 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 BILL S BIO Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit. Vice President Controls
More informationG-Cloud Service Definition. Atos Security Professional Services SCS
G-Cloud Service Definition Atos Security Professional Services SCS Atos Security Professional Services SCS Security Professional Services delivered by experienced certified professionals empowered by market
More informationApproach to Information Security Architecture. Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera
Approach to Information Security Architecture Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera About TeliaSonera TeliaSonera provides network access and telecommunication services that help
More informationCYBERSECURITY: ISSUES AND ISACA S RESPONSE
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures Mobile devices Social media Cloud services
More informationTerms of Reference for an IT Audit of
National Maritime Safety Authority (NMSA) TASK DESCRIPTION PROJECT/TASK TITLE: EXECUTING AGENT: IMPLEMENTING AGENT: PROJECT SPONSOR: PROJECT LOCATION: To engage a professional and qualified IT Auditor
More informationIBM Payment Services. Service Definition. IBM Payment Services 1
IBM Payment Services Service Definition IBM Payment Services 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Process Services to allow Government bodies to deliver commerce
More informationGovernance and Management of Information Security
Governance and Management of Information Security Øivind Høiem, CISA CRISC Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector secretary for information
More informationCloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
More informationANNEX B. Terms of Reference. CTBTO Information Security Management System Support on Call-off Basis
ANNEX B Terms of Reference CTBTO Information Security Management System Support on Call-off Basis Table of Contents Acronyms 3 Introduction 4 Background 4 Objectives and Expected Results 5 Scope of Work
More informationApril 2015 Issue No:1.0. Application Guidance - CCP Security and Information Risk Advisor Role, Practitioner Level
April 2015 Issue No:1.0 Application Guidance - CCP Security and Information Risk Advisor Role, Practitioner Level Application Guidance CCP Security and Information Risk Advisor Role, Practitioner Level
More informationWhy compromise on the quality of your cyber security training? How APMG, CESG and QA accreditations ensure the highest possible training standards
Why compromise on the quality of your cyber security training? How APMG, CESG and QA accreditations ensure the highest possible training standards Cyber Security CESG Certified Training // 2 Contents 3
More informationDigital Forensics G-Cloud Service Definition
Digital Forensics G-Cloud Service Definition 2013 General Dynamics Information Technology Limited. All rights 1 GDIT Team Clients Metropolitan Police Service The General Dynamics Information Technology
More informationInformation Security Risk Management
Information Security Risk Management Based on ISO/IEC 17799 Houman Sadeghi Kaji Spread Spectrum Communication System PhD., Cisco Certified Network Professional Security Specialist BS7799 LA info@houmankaji.net
More informationG-Cloud III Services Service Definition Accenture Cloud Security Services
G-Cloud III Services Service Definition Accenture Cloud Security Services 1 Table of contents 1. Scope of our services... 3 2. Approach... 3 3. Assets and tools... 4 4. Outcomes... 5 5. Pricing... 5 6.
More informationEmail Router and Vetting G-Cloud Service Definition
Email Router and Vetting G-Cloud Service Definition 2013 General Dynamics Information Technology. All rights reserved 1 In partnership with Government and industry-leading technology partners, General
More informationIBM Workload Automation
IBM Workload Automation Service Definition 1 1. Summary 1.1 Service Description IBM Workload Automation (SaaS) is a service management solution that allows customers to model the business processes one
More informationInformation Security Specialist Training on the Basis of ISO/IEC 27002
Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu
More informationApplication Guidance CCP Penetration Tester Role, Practitioner Level
August 2014 Issue No: 1.0 Application Guidance CCP Penetration Tester Role, Practitioner Level Application Guidance CCP Penetration Tester Role, Practitioner Level Issue No: 1.0 August 2014 This document
More informationG-Cloud Service Definition. Atos Oracle Cloud ERP Implementation Services
G-Cloud Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to support
More information/ BROCHURE / CHECKLIST: PCI/ISO COMPLIANCE. By Melbourne IT Enterprise Services
/ BROCHURE / CHECKLIST: PCI/ISO COMPLIANCE By Melbourne IT Enterprise Services CHECKLIST: PCI/ISO COMPLIANCE If your business handles credit card transactions then you ve probably heard of the Payment
More informationSCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services
SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services Contents 1 Introduction...2 2 IA, CLAS Consulting and CHECK Testing...3 3 Information Assurance...4 4 Accreditation...5
More informationISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters
When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com CONTENT 3 4 5 6 6 7 7 7 7 8 8 8 9 9 9
More informationFebruary 2015 Issue No: 5.2. CESG Certification for IA Professionals
February 2015 Issue No: 5.2 CESG Certification for IA Professionals Issue No: 5.2 February 2015 The copyright of this document is reserved and vested in the Crown. This document may not be reproduced or
More informationInformation Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications
Thomas K. Lee, Executive Director/CIO Human Resources Department (518) 447-2906 Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) The New York State
More informationSTL Microsoft Dynamics CRM Consulting and Support Services
STL Microsoft Dynamics CRM Consulting and Support Services STL Technologies Equis House Eastern Way Bury St Edmunds Suffolk IP32 7AB Service Description and Pricing Specialist Cloud Services www.stl.co.uk
More informationJOB DESCRIPTION. IS teams, Hanover colleagues, third party suppliers. Principal Duties and Responsibilities
JOB DESCRIPTION Job title: IT Security Analyst Grade: Responsible to: Responsible for: Liaises with: Head of IS N/A IS teams, Hanover colleagues, third party suppliers Role Purpose: Location: The purpose
More informationUK Government IA Recent Changes and Update
UK Government IA Recent Changes and Update INTRODUCTION Agenda Part 1 Government IA and Cyber Security Background Quick Threat Update UK Government Cyber Security Initiative Government Asset Control in
More informationSCOTTISH CENSUS INDEPENDENT SECURITY REVIEW REPORT
SCOTTISH CENSUS INDEPENDENT SECURITY REVIEW REPORT Issue 1.0 Date 24/03/2011 Logica is a business and technology service company, employing 39,000 people. It provides business consulting, systems integration
More informationG-Cloud Service Definition. Atos Business Intelligence Dashboards and Analytics SCS
G-Cloud Service Definition Atos Business Intelligence Dashboards and Analytics SCS Atos Business Intelligence Dashboards and Analytics SCS The Atos approach to Business Intelligence (BI) Dashboards and
More informationISO 27001 Information Security Management Services (Lot 4)
ISO 27001 Information Security Management Services (Lot 4) CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. LHIS TECHNICAL ASSURANCE SERVICES... 3 3. SERVICE OVERVIEW... 4 4. EXPERIENCE...
More informationIntroduction to ITIL for Project Managers
CSC NORTH AMERICAN PUBLIC SECTOR Introduction to ITIL for Project Managers May Chantilly Luncheon Linda Budiman, PMP ITILv2 & ITILv3 Process Architect ITIL Service Manager, CobiT certified 5/13/2008 8:08:45
More informationThe Cadence Partnership Service Definition
The Cadence Partnership Service Definition About Cadence The Cadence Partnership is an independent management consultancy, specialising in working with a wide range of organisations, solving complex issues
More informationdeveloping your potential Cyber Security Training
developing your potential Cyber Security Training The benefits of cyber security awareness The cost of a single cyber security incident can easily reach six-figure sums and any damage or loss to a company
More informationOverview. Service Description: BCP & DR Strategy (L6)
Service Description: BCP & DR Strategy (L6) Government Enterprise Architecture Specialists T: 07966 457 571 E: peter@vision-ist.net Overview Visionist will help your organisation develop a Business Continuity
More informationCOBIT 5 Implementation Certifi cate. Training Course & Exam
COBIT 5 Implementation Certifi cate Training Course & Exam Introduction The COBIT 5 Implementation Certifi cate is a Practitioner Level Training Course that focuses on how to apply COBIT 5 (The Framework
More informationIntroduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors
Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors Importance of Effective Internal Controls and COSO COSO
More informationJOB DESCRIPTION REF: 50039237
JOB DESCRIPTION REF: 50039237 Note: This job description does not form part of the employee s contract of employment but is provided for guidance. The precise duties and responsibilities of any job may
More informationContents Company overview Partnering with CCE Service offerings Accreditations Service coverage ISO compliance
Partner Capability Contents Company overview Partnering with CCE Service offerings Accreditations Service coverage ISO compliance Company overview About us CCE is one of the UK s largest independent IT
More informationCustomer Relationship Management Software Package G-Cloud Service Definition
Customer Relationship Management Software Package G-Cloud Service Definition 2014 General Dynamics Information Technology. All rights reserved 1 Delivering consistent multi-channel (telephony, e-mail,
More informationIT Governance Implementation Workshop
IT Governance Implementation Workshop 3 Full day power packed workshop facilitated by Mr. Gary Allan Banister and Mr. Sreechith Radhakrishnan About the Programme Information is created, used, retained,
More informationIoT & SCADA Cyber Security Services
IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087, Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 4, 60 Edward St, Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au
More informationThales Service Definition for NOC Services for Cloud
Thales Service Definition for UK NOC Services Thales Service Definition for NOC Services for Cloud April 2014 Page 1 of 13 Thales Service Definition for UK NOC Services CONTENT Page No. Introduction...
More informationG-Cloud Service Definition. Atos Business Intelligence Dashboards and Analytics SCS
G-Cloud Service Definition Atos Business Intelligence Dashboards and Analytics SCS Atos Business Intelligence Dashboards and Analytics SCS The Atos approach to Business Intelligence (BI) Dashboards and
More informationBCS Specialist Certificate in Business Relationship Management Syllabus. Version 1.9 March 2015
BCS Specialist Certificate in Business Relationship Management Syllabus Version 1.9 March 2015 BCS Specialist Certificate in Business Relationship Management Syllabus Contents Change History... 2 Rationale...
More informationINFORMATION SYSTEMS. Revised: August 2013
Revised: August 2013 INFORMATION SYSTEMS In November 2011, The University of North Carolina Information Technology Security Council [ITSC] recommended the adoption of ISO/IEC 27002 Information technology
More informationGovernment Procurement Service
www.pwc.co.uk Government Procurement Service PwC and the G-Cloud: knowledge, experience, value V1.0 PwC Service Definition 9: G-Cloud Cyber Security Design and Assurance 06 October 2015 www.pwc.co.uk Table
More informationCESG Certified Professional
CESG Certified Professional Verify your skills and competence in information assurance Now open to cyber security professionals working in UK industry CONTENTS 1. Introduction 2. IA in Context: Why Professionalism
More informationIT Governance: The benefits of an Information Security Management System
IT Governance: The benefits of an Information Security Management System Katerina Cai, CISSP Hewlett-Packard 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to
More informationThis document includes information about the role for which you are applying and the information you will need to provide with the application.
Further Particulars This document includes information about the role for which you are applying and the information you will need to provide with the application. 1. Role details Vacancy reference: 7770
More informationThe Software Experts. Training Courses and Events
The Software Experts Training Courses and Events one HELPING UK ORGANISATIONS Ensure IT Compliance Education, Training & Development Many companies in the UK are finding that without accurate information
More informationHow To Help Your Business Succeed
G Cloud III Framework Lot 4 (SCS) CHECK Accredited Penetration Testing Services Contents Executive Summary 3 CHECK Accredited Penetration Testing Services 4 Why Deloitte? 5 Package Cost 7 Contact 9 Service
More informationISO/IEC 20000 Part 1 the next edition
ISO/IEC 20000 Part 1 the next edition Lynda Cooper Independent Consultant UK representative to ISO and project editor for ISO20000 part 1 Synopsis ISO/IEC 20000 part 1 was published in 2005. Since then,
More informationTERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO
TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) Consultant - Enterprise Systems & Applications 1. Reporting Function. The Applications Consultant reports directly to the CIO 2. Qualification and Experience
More informationFour Top Emagined Security Services
Four Top Emagined Security Services. www.emagined.com Emagined Security offers a variety of Security Services designed to support growing security needs. This brochure highlights four key Emagined Security
More informationCertified Information Security Manager (CISM)
Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security
More informationIBM Smartcloud Managed Backup
IBM Smartcloud Managed Backup Service Definition 1 1. Summary 1.1 Service Description The IBM SmartCloud Managed Backup service provides public, private and hybrid cloudbased data protection solutions
More informationGuide to Penetration Testing
What to consider when testing your network HALKYN CONSULTING 06 May 11 T Wake CEH CISSP CISM CEH CISSP CISM Introduction Security breaches are frequently in the news. Rarely does a week go by without a
More informationCOBIT 5 Implementation Certification Course
COBIT 5 Implementation Certification Course About COBIT 5.0 Information is created, used, retained, disclosed and destroyed. Technology plays a key role in these actions and technology is becoming pervasive
More informationInformation Security: Business Assurance Guidelines
Information Security: Business Assurance Guidelines The DTI drives our ambition of prosperity for all by working to create the best environment for business success in the UK. We help people and companies
More informationITIL Foundation Certification Course
ITIL Foundation Certification Course About the Programme While most IT divisions are organized by functions such as desktop management, application management, Network management, System & database administration,
More informationDCA metrics for the approval of Auditing Firms for Certifications Scheme VERSION 1.0
DCA metrics for the approval of Auditing Firms for Certifications Scheme VERSION 1.0 2013, Data Centre Alliance Limited (www.datacentrealliance.org). All rights reserved. This publication may not be reproduced
More informationEncyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.
Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Administrative Awareness Case Study: Government Offices Certification and Accreditation:
More informationTutorial: Towards better managed Grids. IT Service Management best practices based on ITIL
Tutorial: Towards better managed Grids. IT Service Management best practices based on ITIL EGI Technical Forum 2011, Lyon (France) September 22, 2011 Dr. Thomas Schaaf www.gslm.eu EMERGENCE TECH LTD. The
More informationLegislative Council Panel on Information Technology and Broadcasting. Information Security
For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest
More informationAN OVERVIEW OF INFORMATION SECURITY STANDARDS
AN OVERVIEW OF INFORMATION SECURITY STANDARDS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced
More information