|
Discipline | Workflow | Activity |
|
Business Modeling | Assess Business Status | Identify Organization Security Vision-Identify Organization Security Mission-Identify Organization Security Strategy-Identify Organization Security Policy-Identify Organization Security Value |
Identify Business Processes | Identify Business Structure-Identify Business Process-Identify Internal Rule-Identify External Rule-Identify Partner-Identify Cooperator |
Identify Roles and Responsibilities | Identify Human-Identify Role |
|
Asset | Identify Human Asset | Identify Human |
Identify Logical Asset | Identify Organization Data-Identify Personal Data-Identify Organization Software-Identify Country Software-Identify Foreign Software-Identify Platform-Identify Network Services-Identify Network Design-Identify Protocol-Identify Communication Services |
Identify Physical Asset | Identify Media-Identify Storages-Identify Organization Map and Position-Identify Organization Hardware Components (Printer, Scanner, Fax, Modem, Antenna, Receiver, Sender, Camera, Fire Control, Access Control, Server Room, Server, Earthing Hole, Manhole, Duct, Riser, UPS, Mobile Computer, PC, USB, CD/DVD Writer, CD/DVD Reader, Flash Reader, FDD, Firewall, IDS, Switch, Router,…) |
|
Security Policy | Indicate team members | Establish Management Team |
|
Implementation | Indicate Scope of Implementation | Indicate Scope of Implementation |
Indicate Team Members | Establish Management Team-Establish Executive Team-Establish Advisor team |
Indicate Security Tools | Identify Organization Current Tools-Identify Security Tools-Identify Permitted tools-Indicate Buy Requirements |
|
Configuration and Change Management | Plan Project Configuration and Change Control | Establish Configuration Management Policies-Establish Change Control Process |
Create Project Configuration Management Environment | Set up Configuration Management Environment |
|
Project Management | Conceive New Project | Initiate Project-Develop Business Case-Identify and Assess Project Risks |
Create Security Plan | Define Project Organization and Staffing-Define Monitoring and Control Processes-Plan Phases and Iterations-Make Security Development Plan |
Monitor and Control Project | Monitor Project Status-Schedule and Assign Work-Report Status-Handle Exceptions and Problems |
Manage Iteration | Acquire Staff-Initiate Iteration-Assess Iteration |
Evaluate Project Scope and Risk | Identify and Assess Risks-Develop Business Case |
Close-Out Phase | Prepare for Phase Close-Out |
Plan for Next Iteration | Develop Iteration Plan-Develop Business Case |
|