APPENDIX: SECURITY ARCHITECTURE DOCUMENT REVIEW CHECKLIST

In Chapter 3 we introduced the security architecture document, which may exist as a stand-alone document or as part of broader IT or enterprise architecture documentation. The document cannot be exhaustive. However, when reviewing the finished document, reviewers should be able to answer the following questions:

  • Is the scope correct and complete, with all relevant systems, services and information assets identified?
  • Are out-of-scope systems, services and information assets clearly stated?
  • Are all information types classified according to the needs of the organisation?
  • Are all potential locations identified and mapped to access devices in use at each location – desktops, laptops, tablets, ...
