G-Cloud III Services Service Definition Accenture Cloud Security Services



Similar documents
G-Cloud IV Services Service Definition Accenture Cloud Security Services

G-Cloud II Services Service Definition Accenture Cloud PaaS Implementation Services AWS Beanstalk

G-Cloud II Services Service Definition Accenture Cloud SaaS Implementation Services Google Apps

G-Cloud IV Services Service Definition Accenture Force.com Cloud Services

G-Cloud III Services Service Definition Accenture Cloud Integration Services

G-Cloud III Framework Service Definition Accenture Azure Cloud Services

G-Cloud IV Services Service Definition Accenture Netsuite Cloud Services

G-Cloud II Services Service Definition Accenture Cloud Infrastructure Implementation Services

G-Cloud IV Framework Service Definition Accenture Web Application Security Scanning as a Service

ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.

Accenture and Salesforce.com. Delivering enterprise cloud solutions that help accelerate business value and enable high performance

G-Cloud IV Framework Service Definition Accenture Medical Imaging Managed Service (AMIMS)

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

Growth Through Excellence

ESKISP Manage security testing

Overview. Service Description: BCP & DR Strategy (L6)

A new era for the Life Sciences industry

G-Cloud Service Definition. Atos infrastructure Vulnerability Scanning (Outpost24) SaaS

Technology. Accenture Data Center Services

Unlocking potential: migrating to SAP S/4HANA

The Cadence Partnership Service Definition

Specialist Cloud Services. Acumin Cloud Security Resourcing

The Accenture Foundation Platform for Oracle. Enter

Accenture cloud application migration services

Managed Services. The Future of Process Led Transformation has arrived. Insight Driven Value Chain Management. Execution Excellence

G-Cloud Service Definition. Atos Information Security Wireless Scanning Service

Embrace the G-Cloud. Ultra Secure Colocation Services for the Public Sector. thebunker.net Phone: Fax:

Accenture Life Sciences Cloud for Commercial Services

Practitioner Certificate in Information Assurance Architecture (PCiIAA)

Accenture Foundation Platform for Oracle

Securing business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security

February 2015 Issue No: 5.2. CESG Certification for IA Professionals

SCOTTISH CENSUS INDEPENDENT SECURITY REVIEW REPORT

G-Cloud Service Definition. Atos infrastructure Vulnerability Scanning (Outpost24) SaaS

Accenture Customer Engagement. A Comprehensive Digital Marketing Managed Service Built on Adobe Marketing Cloud

Accenture CAS: Solution Implementation Making change happen

Microsoft Dynamics CRM as a. Service. G-Cloud Pricing. Service - Pricing. Commercial in Confidence

Deloitte Service Code: D-G6-L4-543 December 2014

Cyber Security and Data Privacy Acumin Specialist Cloud Services

Government Procurement Service

Cloud computing empowering your digital transformation

ESKISP Conduct security testing, under supervision

D-G4-L4-126 Police contact management and demand reduction review Deloitte LLP Service for G-Cloud IV

The Supply Chain Academy

Accenture and Software as a Service: Moving to the Cloud to Accelerate Business Value for High Performance

Unlocking potential with SAP S/4HANA

CPNI VIEWPOINT 01/2010 CLOUD COMPUTING

Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services

Specialist Cloud Services Lot 4 Cloud EDRM Consultancy Services

GPG13 Protective Monitoring. Service Definition

The power of collaboration: Accenture capabilities + Dell solutions

Developing an IT agenda to position the business for the future

Cloud Brokerage. G-Cloud Service. Arcus Global

Mapping and Geographic Information Systems Professional Services

Accenture Duck Creek Driving efficiency and high performance through Property & Casualty insurance software

ESKISP Direct security testing

A. Reference information. A0. G-Cloud Programme unique ID number for the service and version number of this scoping template

OPEN DATA CENTER ALLIANCE SM CLOUD ADOPTION SURVEY

Playing to Win. Accenture and Salesforce.com Optimize Customer Experiences with Service Cloud Solutions

G-Cloud IV Services Service Definition Accenture Managed Services for SaaS

Guideline on Implementing Cloud Identity and Access Management

DEVOPS: INNOVATIVE ENGINEERING PRACTICES FOR CONTINUOUS SOFTWARE DELIVERY

Approach to Information Security Architecture. Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera

Government Opensource Cloud

Guideline. Records Management Strategy. Public Record Office Victoria PROS 10/10 Strategic Management. Version Number: 1.0. Issue Date: 19/07/2010

April 2015 Issue No:1.0. Application Guidance - CCP Security and Information Risk Advisor Role, Practitioner Level

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open

Accenture Insurance BPO Services. Achieving high performance through business process outsourcing

Service Definition: Agile Business Services

Data Management Emerging Trends. Sourabh Mukherjee Data Management Practice Head, India Accenture

G-Cloud Service Definition. Atos Security Professional Services SCS

Retail store systems for high performance

Accenture Sustainability Performance Management. Delivering Business Value from Sustainability Strategy

Australian Government Cloud Computing Policy

G-Cloud Service Description. Atos: Cloud Professional Services: Requirements Specification

Australian Government Cloud Computing Policy

The Accenture/ Siemens PLM Software Alliance

CFIR - Finance IT 2015 Cyber security September 2015

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

G-Cloud Service Definition. Atos Business Intelligence Dashboards and Analytics SCS

How To Help Your Business Succeed

Accelerating High Performance with Accenture Application Services for Java

UK Patients with Chronic Conditions Believe the Ability to Access Electronic Medical Records Outweighs Concern of Privacy Invasion

Accenture Development Partnerships Cloud Lessons Learned

Guide to Penetration Testing

Business Security Architecture: Weaving Information Security into Your Organization's Enterprise Architecture through SABSA

The State of Hybrid Cloud

SIAM Procurement G-cloud 7 framework

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Essentials Scheme

Transcription:

G-Cloud III Services Service Definition Accenture Cloud Security Services 1

Table of contents 1. Scope of our services... 3 2. Approach... 3 3. Assets and tools... 4 4. Outcomes... 5 5. Pricing... 5 6. Contacts... 5 7. About Accenture... 5 8. Additional Information... 6 2

1. Scope of our services This document describes Accenture s Cloud Security Services, and should be read in conjunction with the associated Government Cloud III Services documentation. These services include repeatable processes for identifying security requirements, assessing the security posture and authorising the movement of an application to the cloud. These services are based on enterprise architecture principles and standards (including The Open Government Architecture Framework or TOGAF) but have security as their central focus, reusing principles from Sherwood Applied Business Security Architecture (SABSA). Accenture provides the following Cloud Security services: Support in the selection of a Cloud Services model (either SaaS, IaaS or PaaS). Support to understand the risk associated with specific Cloud Service Models and to identify potential impacts and mitigations. Support to understand risk acceptance criteria and prioritisation of risks based on business impact. Identification of contributors to risk and the weak links in systems. Identification of areas to strengthen protection and recommendations for improvements. Identification of security controls necessary for an application. Assessment of the security posture of Cloud Service Providers. Formal assessment techniques (for example): o Vulnerability scanning. o Penetration testing. o Architecture review/assessments. o Mapping of technical vulnerability against business impacts and business processes. Development of approaches for securing data and applications with Cloud Service Providers. Accenture has 20 years of experience in public sector security including work subject to the Security Policy Framework (SPF) and Good Practice Guidelines from CESG (Communications-Electronics Security Group). These experiences, combined with the most recent thinking and policy from G-Cloud and Government Protective Marking Review is considered through the security assessment. The experience and methods will enable G-Cloud clients to strike the right balance between the assurance and the security of the organisation s data assets whilst delivering high performing and cost effective operational services. 2. Approach Our Cloud Security Services are based on standard, risk driven methodologies in order to assess and evaluate cloud environments. The services are based on Accenture s IT Security Risk Methodology for the cloud. This approach includes a series of toolkits and templates for all phases of a cloud implementation and has been developed with clients in numerous industries across the world. These assets and this experience will be reused where appropriate for the Authority and for G-Cloud delivering unparalleled value in the cloud marketplace. The following outlines the process for a Cloud Security Assessment. Timelines will vary and will depend on the scope of the services as well as the scale and number of the environments in question. 3

Accenture s Cloud Security Assessment Process 3. Assets and tools Accenture s Cloud Security Services will assess the risk of adopting cloud services for the Authority or a G-Cloud customer. Depending on the scope agreed with the Authority they can deliver a security Capability Maturity Report and will define a roadmap for migration or transition to cloud computing. Historically this is an approach favoured by many of our clients. Our services are supported by a number of assets and tools. These assets include formal requirements gathering methods and the Cloud Security Assessment Toolkit. They also include formal methods and tools for assessing security risks, identifying security vulnerabilities and approaches for developing a road map with the G-Cloud customer for improving cloud security or implementing cloud computing. The following diagram shows some of the tools which support our services: Accenture tools supporting the development of a Cloud Security Assessment 4

4. Outcomes Accenture s Cloud Security Services provide the Authority and G-Cloud customers with formal deliverables which provide an overview of the customer s environments and systems in the cloud and how the cloud impacts the client s: Risk posture and residual risks Existing accreditation status The documentation also allows the customer to prioritise remediation activities using the Accenture road map while recognising the constraints of the architecture in question. Whilst the focus of an assessment is on confidentiality, integrity and continued availability of the organisation s assets, our approach and methodology also enables the Authority or the G-Cloud customer to use the outcomes as part of any existing risk management processes as required by HMG standards and processes. 5. Pricing Our unit price of 713 per day represents a blended day rate for systems integration and implementation of Cloud Services. This blend is based on our experience in implementing these kinds of services for customers across industry in the UK. Our commitment is to work with you to define the appropriate scope and deliverables to achieve the desired outcome at the best value for money for you. If the work to deliver the Cloud service is more advisory in nature then our blended rate may increase to 1299 per day or higher. This increase reflects the need for more senior, more experienced staff to be involved in the delivery of these types of service. 6. Contacts Matthew Coates (Global Lead, Accenture Cloud Services Strategy) Email: matthew.coates@accenture.com Telephone: +44 207 844 0247 7. About Accenture Accenture is a global management consulting, technology services and outsourcing company, with more than 249,000 people serving clients in more than 120 countries. Combining unparalleled experience, comprehensive capabilities across all industries and business functions, and extensive research on the world s most successful companies, Accenture collaborates with clients to help them become high-performance businesses and governments. The company generated net revenues of US$27.9 billion for the fiscal year ended Aug. 31, 2012. Specifically within the area of cloud security we: Rank as a leader in The Forrester Wave : Information Security and IT Risk Consulting, Q1 2009. Are a Cloud Security Alliance Corporate Member Are standards contributor to the Trusted Cloud Initiative 5

Offer global scope and coverage more than 1,600 security professionals worldwide with 389 Certified Information System Security Professionals (CISSP),19 Certificate of Cloud Security Knowledge (CCSK) practitioners and 11 Sherwood Applied Business Security Architecture (SABSA) certified architects 8. Additional Information For further information please visit our website: http://www.accenture.com/us-en/pages/insight-cloud-security-strategy.aspx 6

Copyright 2013 Accenture All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Copyright 2012 Accenture All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks of Accenture. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information