Planning and Delivery are in Progress.
- Report Date
- February 2019
Report For February 2019
Achievements in the last Period.
Technical Controls
SIEM – Splunk Neil Kell has highlighted a standard, GPG13 (Good practice guide) that would satisfy our ISO27001 SIEM guidelines.
We had a Splunk consultant onsite last week or three days. From this we identified that our key issue would pre work that we would need to do to ingest log files which had been previously been ingested by log insight.
We have the same consultant on site next week (3rd March). I would hope by the end of that week we would have resolved that issue and be well on the way to delivering GPG13 and therefore closing all the ISO27001 risks.
There may be more work required on top of this to get us to the point of a fully functional SIEM that we can demo as a Proof Of Concept to the wider University. This may require a priority call.
Encryption.
Key management and encryption solution selected and ordered. This is scheduled for delivery and installation early April.
Management Cluster Upgrade
We have a quote for an R630. We need this requoted with more RAM. We need a quote for the VMWare required to run on this Hypervisor.
IDS / IPS
This isn’t going ahead. See Risk Treatment plan for details.
Governance
Project Board and Security Working Group are defined and in place.
Policy and Procedures
These are in progress.
Incident Management
Meetings on-going trying to clarify the status of required standards and procedures from a Data Safe Haven Perspective.
Physical Security Review
We (A.Todd/N.Kell) reviewed the ACF ISO27001 Scope with the EPCC ISO Person (Anne Whiting).
We agreed that the ACF Certification would in all likelyhoods cover all that is required for DSH at the ACF and Anne would send through the required documents.
Neil Carried out an initial Site Audit of the JCMB Data Centre. This will be circulated. While there were issues, we should still pass regardless once the Cage is in place.
The cage is scheduld to be deploted on the 1st Of April.
We still have a number of SOPs related to the Data Centres and key management, but these are in hand.
Medial Destruction Certificates
This will be written in due course as part of the Procedures effort.
We'll need to put a key lock into the JCMB DC. This has been agreed and will be done imminently.
Key Tasks For Next Period
- As above.
Milestones
| Stage | Milestone | Due Date | Previous Date | Complete | |
|---|---|---|---|---|---|
| Plan | Complete Plan. | 28-Feb-2019 | No date available | No | |
| Deliver | Governance | 28-Feb-2019 | No date available | No | |
| Deliver | Roles and Responsibilities | 31-Mar-2019 | No date available | No | |
| Deliver | Performance Metrics | 30-Apr-2019 | No date available | No | |
| Deliver | Incident Management. | 31-May-2019 | No date available | No | |
| Deliver | Complete Policy and Procedures. | 31-May-2019 | No date available | No | |
| Deliver | Implement SIEM (Splunk) | 30-Jun-2019 | No date available | No | |
| Deliver | Cryptography and Key management | 31-Aug-2019 | No date available | No | |
| Deliver | Asset Management | 30-Nov-2019 | No date available | No | |
| Close | Close Project | 31-Dec-2019 | No date available | No |