Description
Function Description:
Implement Security Testing in line with the international reference model The Standard of Good Practice for Information Security' into the current Test Process of client, including a Control Model for Test managers and RASCI for executing the test process.
Tasks:
-Security Testing implemented within the Test Process of client including a Process description, Control Model for Test managers, so Security testing and BIV classification is part of formal acceptance
-Security Checks implemented within the Quality Gate Process of the V-Model
-Governance model, Clear Roles and responsibility for executing Security testing within the Test Process (RASCI)
-Framework for Test scripts; Templates, Checklists, Procedures and KPI's created for executing Security testing within the Test Process
-Insight in the competence gap of Securit testing within TM&D and other departments for executing Security testing within the Test Process
-Insight in the gap of needed Tooling for Security testing
-Selection, Preparation, Supporting and Evaluation of a pilot project.
-Report or initiation document for the next phase including advice for improvements and roadmap to implement