...
2. How to ensure the TIER product set is developed securely (March through August, 2016):
a. Based on standards and/or best practices, consider the following:
i. Software development lifecycle
...
3. Develop secure coding standards
ii. Determine the necessary software development documentation
...
3. How to ensure the TIER product set is tested securely (March through August, 2016):
a. Based on standards and/or best practices, consider the following:
i. Software testing
1. Adequacy of testing environments
...
4. How to ensure the TIER product set is operated securely (March through August, 2016):
a. Based on standards and/or best practices, consider the following:
i. Change Management
ii. Incident/Breach response protocols
1. Detection
2. Notification
iii. Audit evidence and trails
...
iv. Data lifecycle management
1. Creation, Storage and Retention of information
...
5. Best practices in engaging TIER products to improve campus Security (Sept 16 through June 17)
a. Determine metrics and reporting available from/through TIER
i. Set of KPIs to assure service is working effectively
ii. KPIs to identify identity/access anomalies
b. Logging
i. How to enable log management to support campus security?
1. Log configuration, dashboards, etc.
c. Data Analytics
i. How to leverage TIER data for campus security?
ii. Data elements to mine
d. Determine the security relevant documentation necessary to provide to campus contacts