|
| Discipline | Workflow | Activity |
|
| Business Modeling | Assess Business Status | Identify Organization Security Vision-Identify Organization Security Mission-Identify Organization Security Strategy-Identify Organization Security Policy-Identify Organization Security Value |
| Identify Business Processes | Identify Business Structure-Identify Business Process-Identify Internal Rule-Identify External Rule-Identify Partner-Identify Cooperator |
| Identify Roles and Responsibilities | Identify Human-Identify Role |
|
| Asset | Identify Human Asset | Identify Human |
| Identify Logical Asset | Identify Organization Data-Identify Personal Data-Identify Organization Software-Identify Country Software-Identify Foreign Software-Identify Platform-Identify Network Services-Identify Network Design-Identify Protocol-Identify Communication Services |
| Identify Physical Asset | Identify Media-Identify Storages-Identify Organization Map and Position-Identify Organization Hardware Components (Printer, Scanner, Fax, Modem, Antenna, Receiver, Sender, Camera, Fire Control, Access Control, Server Room, Server, Earthing Hole, Manhole, Duct, Riser, UPS, Mobile Computer, PC, USB, CD/DVD Writer, CD/DVD Reader, Flash Reader, FDD, Firewall, IDS, Switch, Router,…) |
|
| Security Policy | Indicate team members | Establish Management Team |
|
| Implementation | Indicate Scope of Implementation | Indicate Scope of Implementation |
| Indicate Team Members | Establish Management Team-Establish Executive Team-Establish Advisor team |
| Indicate Security Tools | Identify Organization Current Tools-Identify Security Tools-Identify Permitted tools-Indicate Buy Requirements |
|
| Configuration and Change Management | Plan Project Configuration and Change Control | Establish Configuration Management Policies-Establish Change Control Process |
| Create Project Configuration Management Environment | Set up Configuration Management Environment |
|
| Project Management | Conceive New Project | Initiate Project-Develop Business Case-Identify and Assess Project Risks |
| Create Security Plan | Define Project Organization and Staffing-Define Monitoring and Control Processes-Plan Phases and Iterations-Make Security Development Plan |
| Monitor and Control Project | Monitor Project Status-Schedule and Assign Work-Report Status-Handle Exceptions and Problems |
| Manage Iteration | Acquire Staff-Initiate Iteration-Assess Iteration |
| Evaluate Project Scope and Risk | Identify and Assess Risks-Develop Business Case |
| Close-Out Phase | Prepare for Phase Close-Out |
| Plan for Next Iteration | Develop Iteration Plan-Develop Business Case |
|
