ISO27001 Centification for DSH has completed the Initial Risk Analysis and planning is under way.
- Report Date
- October 2018
Report For October 2018
Achievements in the last Period.
The 2nd Iteration of The Security Risk Assessment has been delivered.
We reviewed the above and the accompanying report and agreed an initial set of actions to push us toward an agreed plan.
WE have agreed that we will need high level requirements drawn up before we can select any products or services.
Initial plan is in progress. With meeting planned to initiate the primary work packages.
Key Tasks For Next Period
Get high level requirements for SIEM from the technical team.
Initiate the Governance, Roles and Responsibilities, Statement of Applicability and HR Work packages.
Refine and agree plan.
Clarify when we'll get the key dependencies;
- For Policies and Procedures to progress, we need the UoE Level Standards from IS Security.
- For Incident Management, we need Signed of the UoE Level Incident Management Policy signed off.
Issues
The Technical have been pretty well pulled into other non DSH work that is currently deemed higher priority. This will have significant impact potentially until the end of the year.
Milestones
| Stage | Milestone | Due Date | Previous Date | Complete | |
|---|---|---|---|---|---|
| Plan | Begin Primary Work Packages | 13-Nov-2018 | No date available | No | |
| Deliver | Complete Primary Work Packages. | 31-Jan-2019 | No date available | No | |
| Initiate | Initiate Traunch 2 Work Packages. | 31-Jan-2019 | No date available | No | |
| Analyse | Clarify Dependency for Policy and Procedures. | 31-Jan-2019 | No date available | No | |
| Analyse | Clarify Dependency for Incident Management. | 31-Jan-2019 | No date available | No | |
| Deliver | Complete Traunch 2 Work Packages. | 31-Jul-2019 | No date available | No |