Dated: 14-11-2024
Ch03. What is the 8-step Methodology for Security Hardening (part 3)
Step 5: Implement Controls on Test Setup
- Relevant IT team to implement controls on test setup
- Update checklist
- Update SOP (if necessary)
- Send checklist back to InfoSec team
Step 6: Validation of Control Implementation (by InfoSec team)
- InfoSec resource with relevant domain knowledge
- Conduct preparation before actual validation (study controls)
- Update checklist with status column
Step 7: Change Management Process for Production
- ISMC receives validation status from InfoSec team
- Relevant dept head takes up change management process and prepares for shifting to PROD
- Rollback, impact, etc.
Step 8: Implement on PROD & Monitor
- Monitor closely for 24-48 hours after moving to PROD
- Rollback in case of unforeseen circumstances
- IT team SOP is finalized and is now an ops task