Operational Scenarios

From wiki
Revision as of 09:35, 7 April 2021 by Greggory.elton (talk | contribs) (Created page with "<div class="center"><div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">File:JoinusonGCconnex.png|link=http://gcconnex.gc.ca/groups/profile/2785549...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
JoinusonGCconnex.png
ESAcontactus.png
GOC ESA.jpg
ESA Program Overview ESA Foundation ESA Artifacts ESA Initiatives ESA Tools and Templates ESA Reference Materials Glossary
ESA Backgrounder ESA Program Charter ESA Program Implementation Framework ESA Framework
ESA Program Processes ESA Program Life Cycle Integration Operational Scenarios Foundational Disciplines

Operational Scenarios

This section of the GC ESA Program Implementation Framework provides a brief description of the operational scenarios and key processes and activities required to support the delivery of the ESA Program activities. To learn more about them, please read the GC ESA Program Implementation Framework. A detailed description of the stakeholders and their roles and responsibilities are further outlined in the GC ESA Program Charter.


IT Security Risk Management Activities

The image below details the proposed GC IT security risk management activities and outputs that can help departments with security risk management processes and information system security integration processes outlined in CSE's ITSG-33: IT Security Risk Management: A Lifecycle Approach. It includes the following activities:

  1. Develop GC Enterprise Threat Assessment
  2. Define GC Enterprise security needs and requirements
  3. Develop target and transition architectures
  4. Develop use cases and patterns
  5. Develop Security Requirements Traceability Matrix (SRTM) and Security Controls Mapping Matrix (SCMM)
  6. Monitoring and Oversight

For more details about these and other activities, please read the ESA Program Implementation Framework.

File:GC IT Security Risk Management Process.PNG
GC IT Security Risk Management Process


ESA Trade Study Criteria and Process

This section identifies suggested criteria for use in trade studies to select products for an initiative. A trade study (aka "options analysis") is developed to identify the most appropriate technical solutions among a set of proposed optional solutions, with the goal of finding a balance between the requirements, constraints, project or program limitations, and the technical functionality that could be adopted. The trade study process would use a tool or spreadsheet, like the one pictured below, for an underlying detailed analysis that would capture the evaluation method, required justifications, and algorithm for calculating the score for each criterion. For more information about the trade study criteria and process for the ESA program, please read the GC ESA Program Implementation Framework.

File:Trade Study Results Table.PNG
Trade Study Results Table


References

Retrieved from "https://wiki.gccollab.ca/index.php?title=Operational_Scenarios&oldid=45594"