Updates (01 Jun - 05 Jun 2020)
Progress / Completed
- VM - Vulnerability Tracking & Risk Deviation / Acceptance Tracking (ongoing):
- Corporate Approved Tools - GRC
- Define minimum requirements to be used a standard of Corporate Approved Tools
- Data Classification - GRC
- Revisit and update Guidelines
- Traveloka EISA
- EISA - Start working on OKR Draft:
- Set Goals (EISA Objectives, Priorities, and Scope)
- EISA OPS - Draft finalization
- Create or Determine a Current Detailed Profile (CDF);
- Create a Target Detailed Profile;
- Analyzed Any Gaps and Identify the Actions Needed;
- Implementation;
- Continual Improvement.
- EISA - Framework & Tools Draft
- EISA - PAT (Profile Assessment Tool - Current Detailed Profile)
- EISA - IPT (Implementation Tool - Target Profile)
- EISA - MR (Maturity Report)
- EISA - CMM (Capability Maturity Model)
- EISA - PRIORITY (Domain / Control Priority)
Plan / Work in progress
- EISA
- EISA OKR - Approval
- EISA Objectives, Priorities, and Scope - Approval
- EISA Framework & Tools - Approval
- Data Classification - GRC
- Data Classification Self Assessment Questionnaires (SAQ) - Finalization
- Corporate Approved Tools - GRC
- Create Standard/Guidelines and Procedures
- Vulnerability Tracking (ongoing):
- Identify vulnerability level, risk rating, and provide recommendation;
- Coordinating with users / product owners for the identified vulnerability;
- Follow up correction and corrective action for the identified vulnerability;
- Risk Deviation / Acceptance Tracking (ongoing):
- Coordinating with users / product owners for the risk deviation / acceptance
Roadblocks / Problems
-
Misc
-