- Activities of the IT&C system assessment stage As-Is
No Crt | Activity Details |
1 | Analysis of the communication system (diagram, topology, technologies, Wi-Fi) |
2 | Firewall system analysis |
3 | Analysis of technologies used at Infra IT level (Cloud, On-Premise, SaaS, PaaS, IaaS) |
4 | Analysis of Infra IT services used (e-mail system, authentication system, file sharing, storage system, backup and continuity system) |
5 | Analysis of access mode for mobile users (remote work) and the BYOD approach |
6 | Analysis of existing security solutions (antivirus, intrusion inspection and prevention (IDS / IPS), web filtering, email security, etc.) |
7 | DataCenter equipment status analysis (servers, storage, technologies used) |
8 | Analysis of directory authentication service (example: Active Directory and GPO security policies) |
9 | Current DataCenter analysis – equipment and alignment of dpdvd controls best practices |
10 | Brief analysis of existing IT policies and procedures |
11 | Deliverable, Report Realization As_Is + To Be with Conclusions and Alignment Recommendations |
- Examples and approaches with proposals Solutions To BE
THE PREMISES OF THE NEW IT&C ARCHITECTURE -TO BE CONCEPTUALLY HIGH LEVEL
- Estimated future implementation steps
* As part of the audit result, recommendations for implementing new solutions and/or improving existing ones will be concrete and detailed, with types of solutions, vendor names, implementation orders, relevant budgets. In this chapter we present the main categories that will be followed and possible future solutions for each category
- Establishing Data Center Architecture
- Implementation of an integrated communication system
- Consolidation of IT services in the new Main DataCenter (On-Premise or on Cloud)
- Choosing and implementing security controls for organization data
Technical controls
Administrative checks:
- Integrated communications and unified platforms
- Platforms to improve processes and reduce operational risks
Incident Management
IT Assets Management (CMDB- Centralized database with IT&C assets)
Applications to improve business processes*