Академический Документы
Профессиональный Документы
Культура Документы
0
Date
Document Control
Document Publication History
Document Prepared By
(SARA-IT)
Document Reviewed By
Document Approved By
Effective Date
Was Removed
Was
Removed
Iyad
Hawili
Abou
Role
Summary of Changes
Consultant
Initial draft
Department/Organization
SARA-IT
Purpose
Review & Approval
Was removed
3.
Document Approval History
Ver.
Date
Name
1.0
Role
Comments
SARA-IT
Was removed
Signature
For SARA-IT:
Iyad Abou Hawili
Confidential Document
Not to be circulated or reproduced without appropriate authorization
Abbreviation
IT
Information Technology
ISST
IS
Information Security
RA
Risk Assessment
VA
Vulnerability Assessment
PT
Penetration Testing
SOW
Statement of Work
WAN
LAN
WAS
REMOVED
WAS
REMOVED
Was removed
Was Removed
Confidential Document
Not to be circulated or reproduced without appropriate authorization
TABLE OF CONTENTS
ABBREVIATION .................................................................................................................................................. 3
1.
INTRODUCTION .......................................................................................................................................... 5
2.
PROJECT SCOPE.................................................................................................................................................. 6
2.2.
2.3.
3.
4.
4.2.
4.3.
5.
6.
7.
ASSUMPTIONS.......................................................................................................................................... 11
8.
8.2.
9.
10.
11.
Confidential Document
Not to be circulated or reproduced without appropriate authorization
1. Introduction
(Was removed) creates, designs, supervises and manages projects that have the potential to better
society. We build on our proven multidisciplinary expertise and offer regional urban planning and
comprehensive architectural and engineering consulting services. WAS REMOVED focuses on
delivering innovative solutions that meet clients' real needs.
With a history of success and a network of subsidiaries and sister companies, WAS REMOVED provide
our clients with an integrated approach to reliable project delivery in the evolving globalized world.
Proactive rather than reactive, WAS REMOVED are at the forefront of new specialties and
advantageous alliances.
WAS REMOVEDs services are all in-house, covering a broad spectrum of disciplines from architecture
to urban, transportation, energy, water, Geospatial Systems Integration, and oil & gas projects. We
enhance infrastructure, create new buildings, develop neighborhoods, and reshape entire cities.
Was Removed Integration, a Division of Was Removed, has requested from SARA-IT develop Risk
Assessment and Information Systems Security Testing to one of its clients in the gulf as part of a
solution provided by Was Removed.
To complete this project and meet Information Security goals and objectives, Was Removed has
engaged SARA-IT as a subcontractor to perform Risk Assessment and Information Systems Security
Testing (ISST) to the solution built by Was Removed to its client. This Risk Assessment and IS Security
Testing shall meet Was Removed Security Management Process and Information Security Policies.
Confidential Document
Confidential Document
4. Statement of Work
4.1. Phase 1: Project Initiation & System Study
Objectives
Deliverables
Systems Study
Asset Register
o Understand
the
key
business
processes and underlying Solution
infrastructure (Solution processes,
systems, network, applications &
Solution team).
Conduct
Comprehensive
Risk
Assessment for the Solution infrastructure
(information systems, & applications) that
constitute the Solution provided by WAS
REMOVED to their Client. This would
include:
Deliverables
Confidential Document
Deliverables
o Information
Systems
security
assessment
(Vulnerability
and
Penetration Testing) of sample IT
systems as a separate work stream
(applications and servers).
Confidential Document
Start Date
Was
Removed
End Date
Was
Removed
Was
Removed
Was
Removed
Was
Removed
Was
Removed
Was
Removed
Was
Removed
Was
Removed
Was
Removed
Confidential Document
6. Project Communications
During the course of the project, it will be important to communicate the schedule, progress and other
issues related to this project to key stakeholders. The following platforms & parameters shall be
considered for the same:
Process
Agenda
Weekly Project
Progress
Involvement
on
weekly
project
progress
1. SARA-IT
Frequency
Medium
Weekly
Monthly
Consultant
2. WAS
REMOVED
Project Sponsor
3. WAS
REMOVED
Project Manager
Project Review
1. Project
update
to
Project
1. SARA-IT
Consultant
2. WAS
REMOVED
Project Sponsor
1. WAS
REMOVED
Project Manager
2. WAS
REMOVED
Client
10
Confidential Document
7. Assumptions
1. Was Removed will assign a single point of contact for all project related deliverables and activities.
2. Was Removed will provide SARA-IT with all required information and access to relevant personnel
related to this project on a timely basis. Making all the documents, drawings, reports, facilities, WAS
REMOVED personnel and other resources needed, available for the development work is the
Responsibility of WAS REMOVED
3. Was Removed Project Team will coordinate actively with their client representative/s, wherever
required, during the course of the project.
4. Was Removed will be able to provide logistic support to SARA-IT while conducting discussions,
meetings, etc., that are relevant to this project.
5. Was Removed Client Representative/s appointed for this project should be well informed about the
Solution developed by Was Removed.
6. Was Removed would be able to manage request for meetings, presentations, documents, etc., in
the earliest possible manner. Any other support that will be needed for the satisfactory completion
of the work such as provision of printing, photocopying, meeting rooms, and other needs, etc. is
Was Removed responsibility.
7. Was Removed will provide review comments for all the deliverables within 5 working days after the
date of submission. Deliverable without the review feedback shall be treated as final after 5 days of
submission.
8. Members identified from Was Removed or their client to work on this project or activities related to
this project do accept the additional responsibilities assigned to them.
9. Necessary approvals such as conducting Risk Assessment, access to systems for data collection
for Vulnerability Assessment or Penetration Testing and others as deemed necessary are obtained
by Was Removed from their client and government agencies if needed.
10. SARA-IT will not be responsible for configuring or testing IT systems and other equipment procured
and implemented as a part of this project.
11. All deliverables submitted by SARA-IT will be developed and presented in English only.
11
Confidential Document
8. Project Team
8.1. Project Organization Structure
A formal structure of the project team is necessary to effectively coordinate and perform project related
activities. Thus, a project organization structure that supports seamless communication and ensures
tasks are completed as per timeline is defined as below:
SARA-IT Consultant
SARA-IT Technical
Assistant
12
Confidential Document
13
Confidential Document
6. Responsible for the overall success of the project from SARA-IT side.
7. Manage all expectations of Was Removed
8. Create Project Plan and track it on an ongoing basis.
9. Manage project deliverables in line with the project plan.
10. Ensure all project time lines are met
11. Ensure all deliverables meet the expectations of Was Removed
12. Provide project status updates to Was Removed management on a periodic basis
13. Ensure all assigned activities are completed on a timely basis
14. Maintains appropriate records of work in progress
15. Escalates all issues to project manager on a timely basis
14
Confidential Document
Your Response
Was Removed
15
SARA-IT
Name:
Role:
Role: Consultant/Owner
Signature:
Signature:
Date:
Date:
Confidential Document
16
Requestor
Impact
Date of
Approval
Approver
Confidential Document
Your Response
Was Removed
17
SARA-IT
Name:
Role:
Role: Consultant/Owner
Signature:
Signature:
Date:
Date:
Confidential Document