Security and Privacy Plan

EA3 artifact SP-2: Security Plan

The Security Plan provides both high-level and detailed descriptions of the security program that is in effect throughout the enterprise. This includes physical, data, personnel, and operational security elements and procedures.

Chapter 11 in Bernard’s book provides additional detail on Security Plans.

Introduction
- Purpose of the IT Security Program
- Principles of IT Security
- Critical Success Factors
- Intended Outcomes
- Performance Measures
Policy
- Executive Guidance
- Technical Guidance
- Applicable Law and Regulations
- Standards
Reporting Requirements
- IT Security Program Roles and Responsibilities
- IT Security Program Schedule and Milestones
- IT Security Incident Reporting
Concept of Operations
- IT Security Threat Summary
- IT Security Risk Mitigation
- Integration with Enterprise Architecture
- Component/System Security Plans
Security Program Elements
- Information Security
- Personnel Security
- Operational Security
- Physical Security
Standard Operating Procedures
- Test and Evaluation
- Risk Assessment
- Certification and Accreditation
- Disaster Recovery/Continuity of Operations
- Records Protection and Archiving
- Data Privacy

API Architecture Metamodel

The Repository Compare functionality has the potential to aid all types of users. Quality Managers can for example promote the right subsets of their work from a project repository to the base configuration – thus ensuring that all of the Quality Team’s work has been considered.

Ontologies in QualiWare

Transformation Plan

The purpose of the Transformation Plan template is to document strategic transitions over time in the form of transformation plans.

Related Posts

API Architecture Metamodel

Ontologies in QualiWare

Transformation Plan

Leave a Comment Cancel reply