Group3 IM (Round2) by Nattawut Wichit (ณัฐวุฒิ วิจิตร์)

SED.1 System Development Life Cycle (Project Level)

nattawutw1 — 2023-11-05 13:35:02 UTC

process ensures that security considerations are integrated at every stage of the software development process.

Readiness : What's your org readiness level?

nattawutw1 — 2023-11-05 13:35:02 UTC

0-Not yet

1-Partially Implemented

2-Fully Implemented

Important : Could you scores important level?

nattawutw1 — 2023-11-05 13:35:02 UTC

0-Slightly Important

1-Medium Important

2-High Important

Satisfy : Do you satisfy information provided for each PD?

nattawutw1 — 2023-11-05 13:35:02 UTC

0-Unsatisfied

1-Satisfy

2-N/A

Organization Security

nattawutw1 — 2023-11-05 13:35:02 UTC

Security Foundation

nattawutw1 — 2023-11-05 13:35:02 UTC

Security Development

nattawutw1 — 2023-11-05 13:35:02 UTC

Security Operations

nattawutw1 — 2023-11-05 13:35:02 UTC

Security Regulations

nattawutw1 — 2023-11-05 13:35:02 UTC

SEF.1 Access Control

nattawutw1 — 2023-11-05 13:35:02 UTC

control encompasses who receives authentication information and what privileges that information

SEF.2 Physical & Environment Security

nattawutw1 — 2023-11-05 13:35:02 UTC

controls for employees who work remotely to helps prevent an unauthorized person

SEF.3 Cryptography

nattawutw1 — 2023-11-05 13:35:02 UTC

management and regulation of cryptographic techniques to protect sensitive data and communications

SEF.1 Access Control

nattawutw1 — 2023-11-05 13:35:02 UTC

control encompasses who receives authentication information and what privileges that information

SEF.2 Physical & Environment Security

nattawutw1 — 2023-11-05 13:35:02 UTC

controls for employees who work remotely to helps prevent an unauthorized person

SEF.3 Cryptography

nattawutw1 — 2023-11-05 13:35:02 UTC

management and regulation of cryptographic techniques to protect sensitive data and communications

SEO.1 Operations Security

nattawutw1 — 2023-11-05 13:35:02 UTC

project portfolio preparation develops a policy and goal for handling a collection of projects.

SEO.2 Incident Management

nattawutw1 — 2023-11-05 13:35:02 UTC

projects that are selected are provisioned according to the project portfolio management description.

SEO.3 Communication Security

nattawutw1 — 2023-11-05 13:35:02 UTC

control projects by analyzing problems from various project status information and customer-related issues to find ways to manage risks and take corrective action.

SEO.4 Business Continuity

nattawutw1 — 2023-11-05 13:35:02 UTC

team completes the project or operation, delivers the outputs, and conducts a post-project or operation review to identify lessons learned and opportunities for improvement.

SED.1 System Development Life Cycle (Project Level)

nattawutw1 — 2023-11-05 13:35:02 UTC

process ensures that security considerations are integrated at every stage of the software development process.

SEO.1 Operations Security

nattawutw1 — 2023-11-05 13:35:02 UTC

project portfolio preparation develops a policy and goal for handling a collection of projects.

SEO.2 Incident Management

nattawutw1 — 2023-11-05 13:35:02 UTC

projects that are selected are provisioned according to the project portfolio management description.

SEO.3 Communication Security

nattawutw1 — 2023-11-05 13:35:02 UTC

control projects by analyzing problems from various project status information and customer-related issues to find ways to manage risks and take corrective action.

SEO.4 Business Continuity

nattawutw1 — 2023-11-05 13:35:02 UTC

team completes the project or operation, delivers the outputs, and conducts a post-project or operation review to identify lessons learned and opportunities for improvement.

OSE.1 Asset Management

nattawutw1 — 2023-11-05 13:35:02 UTC

involves a comprehensive approach to managing organizational resources and data assets

OSE.2 Information Security Policies

nattawutw1 — 2023-11-05 13:35:02 UTC

involve formulating and enforcing clear policies that govern an organization's approach to information security, including risk assessment and mitigation.

OSE.3 Vendor Relationship

nattawutw1 — 2023-11-05 13:35:02 UTC

involves establishing and managing effective partnerships with third-party service providers while emphasizing information security

OSE.4 Organization of Information Security

nattawutw1 — 2023-11-05 13:35:02 UTC

involves structuring and managing information security effectively.

OSE.5 Human Resource Security

nattawutw1 — 2023-11-05 13:35:02 UTC

focuses on enhancing information security through workforce training and awareness.

OSE.1 Asset Management

nattawutw1 — 2023-11-05 13:35:02 UTC

involves a comprehensive approach to managing organizational resources and data assets

OSE.2 Information Security Policies

nattawutw1 — 2023-11-05 13:35:02 UTC

involve formulating and enforcing clear policies that govern an organization's approach to information security, including risk assessment and mitigation.

OSE.3 Vendor Relationship

nattawutw1 — 2023-11-05 13:35:02 UTC

involves establishing and managing effective partnerships with third-party service providers while emphasizing information security

OSE.4 Organization of Information Security

nattawutw1 — 2023-11-05 13:35:02 UTC

involves structuring and managing information security effectively.

OSE.5 Human Resource Security

nattawutw1 — 2023-11-05 13:35:02 UTC

focuses on enhancing information security through workforce training and awareness.

SER.1 Compliance

nattawutw1 — 2023-11-05 13:35:02 UTC

enforce Data Retention and encrypt Sensitive Data at Rest

SER.2 Satisfy Supplier Agreements

nattawutw1 — 2023-11-05 13:35:02 UTC

ensure compliance with laws, rules, and regulations

SER.1 Compliance

nattawutw1 — 2023-11-05 13:35:02 UTC

enforce Data Retention and encrypt Sensitive Data at Rest

SER.2 Satisfy Supplier Agreements

nattawutw1 — 2023-11-05 13:35:02 UTC

ensure compliance with laws, rules, and regulations

Group3 IM (Round2) by Nattawut Wichit (ณัฐวุฒิ วิจิตร์)

SED.1 System Development Life Cycle (Project Level)

Readiness : What's your org readiness level?

Important : Could you scores important level?

Satisfy : Do you satisfy information provided for each PD?

Organization Security

Security Foundation

Security Development

Security Operations

Security Regulations​

SEF.1 Access Control

SEF.2 Physical & Environment Security

SEF.3 Cryptography

SEF.1 Access Control

SEF.2 Physical & Environment Security

SEF.3 Cryptography

SEO.1 Operations Security

SEO.2 Incident Management

SEO.3 Communication Security

SEO.4 Business Continuity

SED.1 System Development Life Cycle (Project Level)

SEO.1 Operations Security

SEO.2 Incident Management

SEO.3 Communication Security

SEO.4 Business Continuity

OSE.1 Asset Management

OSE.2 Information Security Policies

OSE.3 Vendor Relationship

OSE.4 Organization of Information Security

OSE.5 Human Resource Security

OSE.1 Asset Management

OSE.2 Information Security Policies

OSE.3 Vendor Relationship

OSE.4 Organization of Information Security

OSE.5 Human Resource Security

SER.1 Compliance

SER.2 Satisfy Supplier Agreements

SER.1 Compliance

SER.2 Satisfy Supplier Agreements

Security Regulations

SEO.1 Operations Security

SEO.2 Incident Management

SEO.3 Communication Security

SEO.4 Business Continuity

SEO.1 Operations Security

SEO.2 Incident Management

SEO.3 Communication Security

SEO.4 Business Continuity

SER.1 Compliance

SER.2 Satisfy Supplier Agreements

SER.1 Compliance

SER.2 Satisfy Supplier Agreements