IT Process Institute © 2003-2016, All rights reserved.
RESEARCH | BENCHMARKING | PRESCRIPTIVE GUIDANCE
“This second edition leverages the four phases laid out in the first edition, taking into account the state of today’s IT environment. The core concepts are just as valid today as they were five years ago.” Scott Alldridge, President, IT Process Institute
Visible Ops Security addresses the people side of IT, empowering security to work with operations teams to achieve closely aligned objectives and with development and release teams to integrate security requirements into pre-production work.
The Visible Ops Security methodology helps IT organizations move beyond a focus on technology to address the core operational aspects of security. It promotes effective teamwork, which helps security professionals ensure that security is built into key development and production processes.
Visible Ops Security guides information security professionals in strengthening relationships with IT operations and development groups to advance IT objectives and business goals. This book provides all security and IT operations professionals a solid approach to meeting security goals by working with and through other functional groups within IT.
VWhen information security sufficiently integrates into IT operations, both groups can better manage risks, and meet operational commitments.
Phase 1 – Stabilize the patient and get plugged into production
Integrate information security into daily IT operations to more effectively manage both information security and operational risks. Both groups will stop undoing each other’s work.
Phase 2 – Find business risk and fix fragile artifacts
Identify the greatest business risks, discover critical IT functionality, and ensure controls are adequate.
Phase 3 – Implement development and release controls
Move upstream in the software lifecycle to get security involved in development, project management, and release management functions
Phase 4 – Enable continual improvement
For each phase and task, implement metrics that help assess the short-term progress and long-term health of the various processes and controls.
|Studying Top Performers|