Implement ISDP concept
Purpose
The protection measures defined in the ISDP concept are implemented. Implementation is a prerequisite for testing the IT system.
Basic idea
The implementation of the ISDP concept creates the prerequisites for the testing of the IT system and for its operation.
HERMES-specific
The protection measures defined in the ISDP concept are implemented in the corresponding modules, e.g. business organization and IT system.
In the deployment organization module, the implementation of the technical protection measures is verified for preliminary acceptance before the deployment phase is released (with the decide on preliminary acceptance task).
Activities
-
Accompany the implementation of the protection measures
-
Document the implementation status in the ISDP concept
-
Update the residual risk assessment in the ISDP concept
-
Get approval for the ISDP concept with the residual risks from the project sponsor
Relationships
| Module | Task | Task responsibility | Outcome | Involved in creation of outcome |
|---|---|---|---|---|
| Information security and data protection | Implement ISDP concept | Project manager | ISDP measures | Operations manager, ISDP manager, Developer |
| Implement ISDP concept | Project manager | ISDP concept | Operations manager, Application owner, IT-architect |