Security Assessment Remediation (SAR)
Space shortcuts
Page tree
Skip to end of metadata
Go to start of metadata


Date

 

Time10.00 am
Duration60 mts
Location

Zoom

Zoom
Attendees

Ashish Pandit Unknown User (mkgill)  Achraf Adenane Nathalie Gholmieh 

Project/ProgramSecurity Assessment remediation - SAR 
Project BoardITS PMO 
Log Time
OTL
Objective(s)
  • Implement SAR Remediations. There are following items for the agenda

    1. Review feedback on decisions

    2. Review RA-16; RA-19; RA-25

Notes: 


Speaker DescriptionNotes
SAR Review the remediations that are ready for Security review

RA-128 – we will create a ticket. Let’s discuss the scope on Wednesday and who should it be assigned to

  • Install Sparion agent on all iPaaS servers - Ashish Pandit  
  • Setup a separate meeting to discuss firewall for inbound and outbound. include Daniel Q 
  • Review the need for an outbound firewall with Daniel Achraf Adenane 

RA-130 – It seems that it was tagged as outside the scope for iPaaS. This needs to be done at ITS level - confirmed to be out of scope

  •  Review with Mike and confirm that it is out of scope - Achraf Adenane 

RA-131 – This is “in progress”. SMT may accept this risk. Please see the document link (column M). We can discuss this on Wednesday.

  • Bring in Mike to HANA access discussion Achraf Adenane  
  • Setup a meeting with Mike, Judy, Kevin, OIA, and DIS

https://collab.ucsd.edu/display/IPAAS/HANA+Get_AH+access+How-To

RA-16 – Analysis ready for review

  • Create tasks to remediate prod-non prod environment Ashish Pandit  

RA-19 – Analysis ready for review

Out of scope

RA-25 – Closed (Already implemented)


Achraf Adenane to review and prioritize only risks that are scoped to iPaas (column I). If it needs to be done at ITS level, we need to track those separately in a different project.


New Remediations
  • Provide a prioritized list of remediation that can be worked on Achraf Adenane 
Write a comment...