![]() A deputy for each executive stakeholder should attend working sessions additional participants are welcome. ![]() Each session requires a representative with relevant experience in the domain and empowerment to set priority within the bounds given. Review audit findings, addressable items, mandated remediations Review prior year penetration test findings Review burdensome existing compliance and reporting activities Working Sessions each session will present a set of use cases to the team for joint evaluation and prioritization based on the criteria developed in the opening session. Opening Session 9:30-11:00 (all participants) Openings and personal introductions, roles and responsibilities (all) Presentation of methodology for the workshop (splunk) Executive Round Table discus formal and informal project drivers other goals and success criteria. Typical Agenda 3 days The following agenda can be modified collaboratively if needed, our experience has been that we must allow some blocks of time between sessions and start/end of day to avoid walk aways due to urgent business need arising during the day. Preparation Identify essential and beneficial staff per session based on the agenda that follows Secure meeting space Minimize meeting location changes as this is disruptive to progress and contributes to no shows Adequate seating for attendes One, preferable 2 projectors/screens Guest Wifi White boards Splunk will provide a Webex session and use digital whiteboards, and utilize recording unless the customer has objections, this is utilized to review enrich notes as needed to prepare deliverables and is not required if the customer is uncomfortable Collect supporting documentation electronically All applicable internal policies and supporting standards such as Information Resource Classification Information Retention and Destruction Infrastructure logging and configuration Database Logging and Configuration Application Logging and Configuration Inventory of Standards with requirments for logging and monitoring applicable to your business Internal Audit/Self Asessment for applicable security standards such as PCI/SOX/HIPPA inclusive current draft reports External Audit/Self Asessment for applicable security standards such as PCI/SOX/HIPPA Identifiy the following project roles and schedule for attendance Project Manager Senior Business Analyst Senior Technical Analyst/Architect Senior Security Analyst Test Lead Executive Sponsor Executive Stakeholders or immediate deputies Compliance Analysts Internal Assors Using information gained from the workshop the project team will deliver a prioritized list of data sources for on data boarding and use case adoption for the cyber security operations team. +1.415.568.4200(M ain) +1.415.869.3906 (Fax) Professional Services/Security Use Case Workshop The use case development workshop is designed to assist the customer in the process of cataloging business drivers and requirements used to guide the customer delivery team assisted by Splunk Consultants in delivery of a solution that will meet the customers needs and budget. 250 Brannan Street, 2nd Floor San Francisco, CA 94107 Version Control SECURITY PROGRAM REVIEW Client Name All other products and company names mentioned herein are trademarks or registered trademarks of their respective owners. The Splunk logo is a registered trademark of Splunk. Proprietary and Confidential Information shall include, but not be limited to, performance, sales, financial, contractual and special marketing information, ideas, technical data and concepts originated by the disclosing party, its subsidiaries and/or affiliates, not previously published or otherwise disclosed to the general public, not previously available without restriction to the receiving party or others, nor normally furnished to others without compensation, and which the disclosing party desires to protect against unrestricted disclosure or competitive use, and which is furnished pursuant to this document and appropriately identified as being proprietary when furnished. Any interception, review, retransmission, dissemination or other use of or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. The information transmitted in this document is intended only for the addressee and may contain confidential and/or privileged material. ![]() Splunk Use Case Repository Sept 29th 2016 ![]()
0 Comments
Leave a Reply. |