ISO27001 Certification for DSH has completed the Initial Risk Analysis and planning is under way.

Report Date
January 2018

Report For January 2018

 

Achievements in the last Period.

Technical Controls

SIEM – Splunk. Neil Kell has highlighted a standard, GPG13 (Good Practice Guide), that would satisfy our ISO27001 SIEM guidelines. Splunk has a plugin app for this standard. We discussed this with the Splunk service team, who will look for the ‘right’ consultant to assist us with this. Splunk stated that they will give us an instructional pds to enable us to integrate Splunk with our Log Insight logs on the 4th of Feb. Once Stephen has this he’ll try it out. Splunk were pretty non-committal as to when they would be able to give us the required consultant to support us.

Management Cluster Upgrade. We have a quote for an R630. We need this requoted with more RAM. We need a quote for the VMware required to run on this hypervisor.

Cage. This is ordered and we should get a delivery date over the next week or two. Paul Hutton is aware.

IDS / IPS. This isn’t going ahead. Stephen has documented the reasons.

Encryption. We have a meeting with Thales (through Softcat) on Wednesday. I would hope after that we will have an idea of direction. The disks to support the TSM Encryption have been ordered and Ian Wilkes is here from the 5th Feb.

Governance. The first Security Working Group is scheduled for next week. The agenda will be agreed and circulated beforehand. The Project Board will be reinitialised two weeks later. ToRs have been created and distributed for both meetings.

Roles and Responsibilities. These have pretty much been documented and agreed. We will target completing and signing off this task by 31st Jan 2019.

Policy and Procedures. We have received the bulk of the standards. These are at varying levels of completion and some are still outstanding, but there is more than enough for us to progress with Procedures. We are going through the standards and identifying high-level procedures. These will in turn be assigned to individuals for completion. Initial target is to complete this by end of March 19. This represents the progress we have made on the components we have started.

 

Key Tasks For Next Period

As above.

Issues

As usual, key issues are resource related. Operational Staff allocated to the project appear to be spending the bulk of their time on 'Operational' tasks, with little or no Project work being carried out. Technical resource is constrained by not being able to hire the agreed additional resource.

Milestones

Stage    Milestone                                            Due Date
Analyse  Clarify Dependency for Incident Management.          31-Jan-2019
Plan     Agree Plan for SIEM (Splunk)                         31-Jan-2019
Plan     Agree Scope For IDS / IPS                            31-Jan-2019
Plan     Agree Initial Plans for All Other Components         31-Jan-2019
Plan     Complete Plan.                                       28-Feb-2019
Deliver  Complete Policy and Procedures.                      31-Mar-2019
Close    Close Project                                        31-Dec-2019

Project Status

RAG Status
Time: GREEN
Cost: AMBER
Scope: AMBER
Overall: AMBER

RAG Commentary
Lack of resource in the Technical area is holding up our ability to clarify technical requirements and move forward.

Change Status
Time: Within Tolerance
Cost: Within Tolerance
Scope: Within Tolerance
Overall: Within Tolerance
Has formal escalation taken place? No

Activity
Approved budget: 0.0 days
Activity this month: 0.0 days
Activity this year: 0.0 days
Activity to date: 0.0 days
Estimate to complete current year: 0.0 days
Estimate to complete future years: 0.0 days

Project Info

Project: Data Safe Haven - Achieving ISO 27001
Code: RSS042
Programme: ITI - Research Services (RSS)
Management Office: ISG PMO
Project Manager: Andy Todd
Project Sponsor: Anthony Weir
Current Stage: Deliver
Status: In Progress
Project Classification: Transform
Start Date: 08-Oct-2018
Planning Date: 31-Jan-2019
Delivery Date: 29-Nov-2019
Close Date: 31-Dec-2019
Overall Priority: Higher
Category: Compliance
