To conduct review of the IT domains as stated under:
- IT Security Strategy- IT Long Range and Short Range Plan
- IT Governance
- IT Security Risk Management
- IT Security Policy and Procedure Document
- Trainings & Improvement
- Asset management and maintenance
- IT Inventory Management
- External party Service delivery management
- Logical Access control – Granting and maintaining access to information systems
- Physical Access control & Environment Controls over information assets
- Email and Internet access
- Password Management
- Data Protection
- Operations and Service Management including Capacity Planning
- Malicious Code Prevention
- Patch Management
- Backup & Restoration
- Application Security
- Network Security / Hardening /VAPT / Configuration Management
- Wireless Security
- Review of mechanism for Virus control
- Mobile Computing & End point security
- Log and Incident Management
- Licensing, Compliance and Audits
- Change Management
- Business continuity and Disaster recovery
- Adequacy and adherence of service level agreement for outsourced IT services
| Deliverables |
---|
Current State Assessment Report Recommendations Report Identification of Process Gaps , Inefficiencies in the current system , road map to implement improvement strategy with capex / opex investment required and phased implementation plan. |
|