SlideShare una empresa de Scribd logo

Security Access Control Requirements Gathering Pack

Descargar como PPTX, PDF
A
Amy Slater

This is a pack that I create to gather business requirements for a new Security Access Control system. It inlcudes basic questions that you should ask when completing an initial scoping exercise.

Tecnología
1 de 21
Access Control Requirements Gathering Session 1
• The business requirements will form the basis of future projects and will determine the eventual scope. • If a ‘need’ is not raised as a requirement, the project will not know that the system must perform an action- therefore it will not be included within the scope of the project or included within the end solution. • The requirements will be base-lined at the end of the Initiate Phase. Any requirements submitted after this date will not be accepted without a change request and associated funding (where applicable). • The identified business stakeholders are responsible for ensuring that all requirements are raised during the Initiate Requirements gathering process. The Importance of Requirement Gathering
• Review each area of Access Control functionality. • Prepare a set of draft Access Control BUSINESS requirements for each of the functional areas. • Agree a priority for each draft requirement. • Agree next steps, actions and areas for further investigation. Workshop 1 Objectives
Defining the Threat- Review
• What threats are present? • What are the drivers for an access control system? i.e. controlling visitor numbers, protecting people, protecting assets, anti-tailgating, anti-pass back, etc? • Who and what are we trying to protect? Defining the Nature of the Threat- Discussion
Areas of Concern
• What general areas need to be controlled?- areas, rooms, locations etc? • What exceptions exist?- i.e. Fire Exits etc? • What areas require enhanced access control?- i.e. Equipment Rooms, Data Centres etc • Why do these areas need to be controlled? What is the related threat? • What is the level of risk associated with these areas? • What is the function of installing control in these areas? Areas of Concern (General)- Discussion
• What vulnerable points exist for each area to be controlled?- doors, windows, air conditioning shafts, conduits etc • What points should have access control? • Should access be controlled on a location by location basis or should access be controlled to area ‘types’? Areas of Concern (Specific)- Discussion
Health & Safety
• Are there any legal requirements? Health & Safety or Disability & Discrimination Act? • How should access control act in case of an emergency?- i.e. release on emergency? • What is the definition of an emergency? • What fire officer requirements exist? • What provisions should be granted to the blue light services? • What are the requirements for disabled access? • When will the access system be operation? 247/ 365 or night time only? Health & Safety- Discussion
Type of Access Control
• Should the system be automatic or manned? • What types of barriers should be used for each of the areas in scope?- door locks, arm barriers, vehicle block devices etc? • What types of additional barriers should be used for the priority locations?- electronic keys, finger print scanning? • What type of verification measures should be used? Electronic key card, IRIS scan, Finger print recognition, ID codes, keys etc. • What should the user do when access is denied? Should an intercom system be present? Types of Access Control- Discussion
• How often will the access control be used in each of the areas? • What level of security should be in place? • If the power drops what should happen? • Anti-Tamper mechanisms? Technical Details Discussion
Operational Considerations
• How will access control be managed?- customer, Staff, Disabled Visitors/ Staff, Contractors etc? • What information will be captured against each person granted access? Name, address, role, date given, expiry date etc? • What period should access be granted for? • What types of protected access should be provided? • How will deliveries be controlled? • Where will data entry and monitoring of alarm activity take place? • How will data for entry or modification be gathered? • How will security clearance be processed? Operational Issues- Discussion
Integration to Other Systems
• Should there be integration between the Access Control System and other systems? i.e. CCTV system? • What information should pass between the systems? Integration Discussion
Management Information, Reporting & Maintenance
• What information should the system capture? • Successful access- user ID, time, location etc.? • Unsuccessful access- user ID, time, location, number of attempts etc.? • Should information be captured and available to view in real time? i.e. should it be possible to identify where an individual is located at all time? • What reports should be available from the system? • Should the system automatically alert based on event triggers? If so, what events should trigger alerts and how should the system alert? • What should the system do in the event of a breach? – i.e. a door is forced? Management Information & Reporting Discussion
• What should the system do in the event that an access control point fails in the following scenarios: • Access point looses power • Access point fails- i.e. reader not able to read card • Access point operational but input not detected- i.e. an issue with the card. • Access point breached? Support & Maintenance Discussion
Any Questions?

Recomendados

IT / Help Desk Support Service : Introduction, Advantage, Trend
IT / Help Desk Support Service : Introduction, Advantage, TrendIT / Help Desk Support Service : Introduction, Advantage, Trend
IT / Help Desk Support Service : Introduction, Advantage, TrendVoyage Services Inc.
 
Provide first level remote help desk support
Provide first level remote help desk supportProvide first level remote help desk support
Provide first level remote help desk supportGera Paulos
 
Technical Support Helpdesk
Technical Support HelpdeskTechnical Support Helpdesk
Technical Support HelpdeskGagan Singh
 
Helpdesk Services
Helpdesk ServicesHelpdesk Services
Helpdesk ServicesGss America
 
Agile Requirements Gathering Techniques
Agile Requirements Gathering TechniquesAgile Requirements Gathering Techniques
Agile Requirements Gathering TechniquesOnur Demir
 
business requirements functional and non functional
business requirements functional and non functionalbusiness requirements functional and non functional
business requirements functional and non functionalCHANDRA KAMAL
 
ITIL and Autotask: Incident & Problem Management
ITIL and Autotask: Incident & Problem ManagementITIL and Autotask: Incident & Problem Management
ITIL and Autotask: Incident & Problem ManagementAutotask
 
Running an Efficient Service Desk
Running an Efficient Service DeskRunning an Efficient Service Desk
Running an Efficient Service DeskAutotask
 

Recomendados

IT / Help Desk Support Service : Introduction, Advantage, Trend
IT / Help Desk Support Service : Introduction, Advantage, TrendIT / Help Desk Support Service : Introduction, Advantage, Trend
IT / Help Desk Support Service : Introduction, Advantage, TrendVoyage Services Inc.
 
Provide first level remote help desk support
Provide first level remote help desk supportProvide first level remote help desk support
Provide first level remote help desk supportGera Paulos
 
Technical Support Helpdesk
Technical Support HelpdeskTechnical Support Helpdesk
Technical Support HelpdeskGagan Singh
 
Helpdesk Services
Helpdesk ServicesHelpdesk Services
Helpdesk ServicesGss America
 
Agile Requirements Gathering Techniques
Agile Requirements Gathering TechniquesAgile Requirements Gathering Techniques
Agile Requirements Gathering TechniquesOnur Demir
 
business requirements functional and non functional
business requirements functional and non functionalbusiness requirements functional and non functional
business requirements functional and non functionalCHANDRA KAMAL
 
ITIL and Autotask: Incident & Problem Management
ITIL and Autotask: Incident & Problem ManagementITIL and Autotask: Incident & Problem Management
ITIL and Autotask: Incident & Problem ManagementAutotask
 
Running an Efficient Service Desk
Running an Efficient Service DeskRunning an Efficient Service Desk
Running an Efficient Service DeskAutotask
 
Requirements Management Part 1 - Management and Elicitation
Requirements Management Part 1 - Management and ElicitationRequirements Management Part 1 - Management and Elicitation
Requirements Management Part 1 - Management and ElicitationMohamed Shaaban
 
Managing a Major Incident
Managing a Major IncidentManaging a Major Incident
Managing a Major IncidentNUS-ISS
 
Technical Support Manual Training
Technical Support Manual TrainingTechnical Support Manual Training
Technical Support Manual TrainingSuperb Internet Training Division
 
Strategies for adopting self service and automation
Strategies for adopting self service and automationStrategies for adopting self service and automation
Strategies for adopting self service and automationDan Wilson
 
Resume - Sanjit Mitra
Resume - Sanjit MitraResume - Sanjit Mitra
Resume - Sanjit MitraSanjit Mitra
 
Requirements Diligence: The Cornerstone to Ecommerce Project Success
Requirements Diligence: The Cornerstone to Ecommerce Project SuccessRequirements Diligence: The Cornerstone to Ecommerce Project Success
Requirements Diligence: The Cornerstone to Ecommerce Project SuccessElastic Path
 
End User Support Presentation
End User Support Presentation End User Support Presentation
End User Support Presentation Self employed
 
Writing effective requirements
Writing effective requirementsWriting effective requirements
Writing effective requirementsLiz Lavaveshkul
 
Help Desk Presentation 09202009
Help Desk Presentation 09202009Help Desk Presentation 09202009
Help Desk Presentation 09202009guest75acf2
 
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIAJOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIAHoward Thebeyapelo
 
Naveen Kumar Srivastav
Naveen Kumar SrivastavNaveen Kumar Srivastav
Naveen Kumar SrivastavNaveen Srivastav
 
Uncovering the Business Value of Managed IT Services
Uncovering the Business Value of Managed IT ServicesUncovering the Business Value of Managed IT Services
Uncovering the Business Value of Managed IT ServicesNet at Work
 
Asset Management Leading Practices
Asset Management Leading PracticesAsset Management Leading Practices
Asset Management Leading Practicesjohnnyg14
 
IFS Service Desk
IFS Service DeskIFS Service Desk
IFS Service DeskEnvecon
 
06 business and functional requirements
06 business and functional requirements06 business and functional requirements
06 business and functional requirementsNamita Razdan
 
ASUG Utilities Presentation
ASUG Utilities PresentationASUG Utilities Presentation
ASUG Utilities PresentationMichael Robinson
 
BPSim The Technical Support Use Case
BPSim The Technical Support Use CaseBPSim The Technical Support Use Case
BPSim The Technical Support Use CaseDenis Gagné
 
Erp process flow
Erp process flowErp process flow
Erp process flowKannathasan Meipporul
 
Requirements Management
Requirements ManagementRequirements Management
Requirements ManagementShwetha-BA
 
Surveillance Systems: Their Role in Identifying Risk and Resilience Factors
Surveillance Systems: Their Role in Identifying Risk and Resilience FactorsSurveillance Systems: Their Role in Identifying Risk and Resilience Factors
Surveillance Systems: Their Role in Identifying Risk and Resilience Factorsippnw
 
CRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshopCRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshopTrilateral Research
 
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
Matrix Video Surveillance Solution: SATATYA - The Persistent VisionMatrix Comsec
 

Más contenido relacionado

La actualidad más candente

Requirements Management Part 1 - Management and Elicitation
Requirements Management Part 1 - Management and ElicitationRequirements Management Part 1 - Management and Elicitation
Requirements Management Part 1 - Management and ElicitationMohamed Shaaban
 
Managing a Major Incident
Managing a Major IncidentManaging a Major Incident
Managing a Major IncidentNUS-ISS
 
Strategies for adopting self service and automation
Strategies for adopting self service and automationStrategies for adopting self service and automation
Strategies for adopting self service and automationDan Wilson
 
Resume - Sanjit Mitra
Resume - Sanjit MitraResume - Sanjit Mitra
Resume - Sanjit MitraSanjit Mitra
 
Requirements Diligence: The Cornerstone to Ecommerce Project Success
Requirements Diligence: The Cornerstone to Ecommerce Project SuccessRequirements Diligence: The Cornerstone to Ecommerce Project Success
Requirements Diligence: The Cornerstone to Ecommerce Project SuccessElastic Path
 
End User Support Presentation
End User Support Presentation End User Support Presentation
End User Support Presentation Self employed
 
Writing effective requirements
Writing effective requirementsWriting effective requirements
Writing effective requirementsLiz Lavaveshkul
 
Help Desk Presentation 09202009
Help Desk Presentation 09202009Help Desk Presentation 09202009
Help Desk Presentation 09202009guest75acf2
 
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIAJOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIAHoward Thebeyapelo
 
Uncovering the Business Value of Managed IT Services
Uncovering the Business Value of Managed IT ServicesUncovering the Business Value of Managed IT Services
Uncovering the Business Value of Managed IT ServicesNet at Work
 
Asset Management Leading Practices
Asset Management Leading PracticesAsset Management Leading Practices
Asset Management Leading Practicesjohnnyg14
 
IFS Service Desk
IFS Service DeskIFS Service Desk
IFS Service DeskEnvecon
 
06 business and functional requirements
06 business and functional requirements06 business and functional requirements
06 business and functional requirementsNamita Razdan
 
ASUG Utilities Presentation
ASUG Utilities PresentationASUG Utilities Presentation
ASUG Utilities PresentationMichael Robinson
 
BPSim The Technical Support Use Case
BPSim The Technical Support Use CaseBPSim The Technical Support Use Case
BPSim The Technical Support Use CaseDenis Gagné
 
Requirements Management
Requirements ManagementRequirements Management
Requirements ManagementShwetha-BA
 

La actualidad más candente (19)

Requirements Management Part 1 - Management and Elicitation
Requirements Management Part 1 - Management and ElicitationRequirements Management Part 1 - Management and Elicitation
Requirements Management Part 1 - Management and Elicitation
 
Managing a Major Incident
Managing a Major IncidentManaging a Major Incident
Managing a Major Incident
 
Technical Support Manual Training
Technical Support Manual TrainingTechnical Support Manual Training
Technical Support Manual Training
 
Strategies for adopting self service and automation
Strategies for adopting self service and automationStrategies for adopting self service and automation
Strategies for adopting self service and automation
 
Resume - Sanjit Mitra
Resume - Sanjit MitraResume - Sanjit Mitra
Resume - Sanjit Mitra
 
Requirements Diligence: The Cornerstone to Ecommerce Project Success
Requirements Diligence: The Cornerstone to Ecommerce Project SuccessRequirements Diligence: The Cornerstone to Ecommerce Project Success
Requirements Diligence: The Cornerstone to Ecommerce Project Success
 
End User Support Presentation
End User Support Presentation End User Support Presentation
End User Support Presentation
 
Writing effective requirements
Writing effective requirementsWriting effective requirements
Writing effective requirements
 
Help Desk Presentation 09202009
Help Desk Presentation 09202009Help Desk Presentation 09202009
Help Desk Presentation 09202009
 
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIAJOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
JOB POST: SAP WORKFLOW & PA/ OM FUNCTIONAL CONSULTANT - PRETORIA
 
Naveen Kumar Srivastav
Naveen Kumar SrivastavNaveen Kumar Srivastav
Naveen Kumar Srivastav
 
Uncovering the Business Value of Managed IT Services
Uncovering the Business Value of Managed IT ServicesUncovering the Business Value of Managed IT Services
Uncovering the Business Value of Managed IT Services
 
Asset Management Leading Practices
Asset Management Leading PracticesAsset Management Leading Practices
Asset Management Leading Practices
 
IFS Service Desk
IFS Service DeskIFS Service Desk
IFS Service Desk
 
06 business and functional requirements
06 business and functional requirements06 business and functional requirements
06 business and functional requirements
 
ASUG Utilities Presentation
ASUG Utilities PresentationASUG Utilities Presentation
ASUG Utilities Presentation
 
BPSim The Technical Support Use Case
BPSim The Technical Support Use CaseBPSim The Technical Support Use Case
BPSim The Technical Support Use Case
 
Erp process flow
Erp process flowErp process flow
Erp process flow
 
Requirements Management
Requirements ManagementRequirements Management
Requirements Management
 

Destacado

Surveillance Systems: Their Role in Identifying Risk and Resilience Factors
Surveillance Systems: Their Role in Identifying Risk and Resilience FactorsSurveillance Systems: Their Role in Identifying Risk and Resilience Factors
Surveillance Systems: Their Role in Identifying Risk and Resilience Factorsippnw
 
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
Matrix Video Surveillance Solution: SATATYA - The Persistent VisionMatrix Comsec
 
CCTV Systems from CCTVfirst
CCTV Systems from CCTVfirstCCTV Systems from CCTVfirst
CCTV Systems from CCTVfirstAneetahari
 
Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4
Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4
Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4David Dunlap
 
Itech cdc malaria surveillance project sow 10.10.11
Itech cdc malaria surveillance project sow 10.10.11Itech cdc malaria surveillance project sow 10.10.11
Itech cdc malaria surveillance project sow 10.10.11Nancy Coq
 
Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...
Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...
Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...Fatemeh Ahmadi
 
Security CCTV System Requirements Gathering Pack
Security CCTV System Requirements Gathering PackSecurity CCTV System Requirements Gathering Pack
Security CCTV System Requirements Gathering PackAmy Slater
 
Unlisted real estate funds lecture (1) (1)
Unlisted real estate funds lecture (1) (1)Unlisted real estate funds lecture (1) (1)
Unlisted real estate funds lecture (1) (1)Lj Wicks
 

Destacado (11)

Surveillance Systems: Their Role in Identifying Risk and Resilience Factors
Surveillance Systems: Their Role in Identifying Risk and Resilience FactorsSurveillance Systems: Their Role in Identifying Risk and Resilience Factors
Surveillance Systems: Their Role in Identifying Risk and Resilience Factors
 
CRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshopCRISP WP3 stakeholder workshop
CRISP WP3 stakeholder workshop
 
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
Matrix Video Surveillance Solution: SATATYA - The Persistent Vision
 
CCTV Systems from CCTVfirst
CCTV Systems from CCTVfirstCCTV Systems from CCTVfirst
CCTV Systems from CCTVfirst
 
Satori WP1 slides
Satori WP1 slidesSatori WP1 slides
Satori WP1 slides
 
Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4
Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4
Stingray Partners-Draft Infrastructure One Presentation-April 2015 - A4
 
Itech cdc malaria surveillance project sow 10.10.11
Itech cdc malaria surveillance project sow 10.10.11Itech cdc malaria surveillance project sow 10.10.11
Itech cdc malaria surveillance project sow 10.10.11
 
Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...
Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...
Surveillance and E-Government: Real and Potential Threats to Privacy in Europ...
 
Security CCTV System Requirements Gathering Pack
Security CCTV System Requirements Gathering PackSecurity CCTV System Requirements Gathering Pack
Security CCTV System Requirements Gathering Pack
 
Safe City 1.0
Safe City 1.0Safe City 1.0
Safe City 1.0
 
Unlisted real estate funds lecture (1) (1)
Unlisted real estate funds lecture (1) (1)Unlisted real estate funds lecture (1) (1)
Unlisted real estate funds lecture (1) (1)
 

Similar a Security Access Control Requirements Gathering Pack

crisc_wk_4.pptx
crisc_wk_4.pptxcrisc_wk_4.pptx
crisc_wk_4.pptxdotco
 
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...Accellis Technology Group
 
CISM_WK_3.pptx
CISM_WK_3.pptxCISM_WK_3.pptx
CISM_WK_3.pptxdotco
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
experience_and_perspective_of_security_installation.ppt
experience_and_perspective_of_security_installation.pptexperience_and_perspective_of_security_installation.ppt
experience_and_perspective_of_security_installation.pptPawachMetharattanara
 
ITIL-v3-Incident-Management-Process-PPT-RED.pdf
ITIL-v3-Incident-Management-Process-PPT-RED.pdfITIL-v3-Incident-Management-Process-PPT-RED.pdf
ITIL-v3-Incident-Management-Process-PPT-RED.pdfManishKumar526001
 
CISA_WK_2.pptx
CISA_WK_2.pptxCISA_WK_2.pptx
CISA_WK_2.pptxdotco
 
Types_of_Access_Controlsggggggggggggggggg
Types_of_Access_ControlsgggggggggggggggggTypes_of_Access_Controlsggggggggggggggggg
Types_of_Access_ControlsgggggggggggggggggSaurabh846965
 
NPMA Physical Inventory - Beyond Scanning and Checking the Box
NPMA Physical Inventory - Beyond Scanning and Checking the BoxNPMA Physical Inventory - Beyond Scanning and Checking the Box
NPMA Physical Inventory - Beyond Scanning and Checking the BoxMarla Williams
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptxdotco
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practiceZoneFox
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriAtif Ghauri
 
Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Chinatu Uzuegbu
 
PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...
PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...
PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...PECB
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingAtif Ghauri
 

Similar a Security Access Control Requirements Gathering Pack (20)

crisc_wk_4.pptx
crisc_wk_4.pptxcrisc_wk_4.pptx
crisc_wk_4.pptx
 
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...
 
CISM_WK_3.pptx
CISM_WK_3.pptxCISM_WK_3.pptx
CISM_WK_3.pptx
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Marketing wi comply
Marketing wi complyMarketing wi comply
Marketing wi comply
 
Soc
SocSoc
Soc
 
experience_and_perspective_of_security_installation.ppt
experience_and_perspective_of_security_installation.pptexperience_and_perspective_of_security_installation.ppt
experience_and_perspective_of_security_installation.ppt
 
ITIL-v3-Incident-Management-Process-PPT-RED.pdf
ITIL-v3-Incident-Management-Process-PPT-RED.pdfITIL-v3-Incident-Management-Process-PPT-RED.pdf
ITIL-v3-Incident-Management-Process-PPT-RED.pdf
 
CISA_WK_2.pptx
CISA_WK_2.pptxCISA_WK_2.pptx
CISA_WK_2.pptx
 
kinerja smk3
kinerja smk3kinerja smk3
kinerja smk3
 
Types_of_Access_Controlsggggggggggggggggg
Types_of_Access_ControlsgggggggggggggggggTypes_of_Access_Controlsggggggggggggggggg
Types_of_Access_Controlsggggggggggggggggg
 
NPMA Physical Inventory - Beyond Scanning and Checking the Box
NPMA Physical Inventory - Beyond Scanning and Checking the BoxNPMA Physical Inventory - Beyond Scanning and Checking the Box
NPMA Physical Inventory - Beyond Scanning and Checking the Box
 
ITIL # Lecture 8
ITIL # Lecture 8ITIL # Lecture 8
ITIL # Lecture 8
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practice
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif Ghauri
 
Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2
 
PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...
PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...
PECB Webinar: Performing an EMS Audit (gathering objective evidence) – closer...
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples Counseling
 

Último

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 

Último (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 

Security Access Control Requirements Gathering Pack

  • 1. Access Control Requirements Gathering Session 1
  • 2. • The business requirements will form the basis of future projects and will determine the eventual scope. • If a ‘need’ is not raised as a requirement, the project will not know that the system must perform an action- therefore it will not be included within the scope of the project or included within the end solution. • The requirements will be base-lined at the end of the Initiate Phase. Any requirements submitted after this date will not be accepted without a change request and associated funding (where applicable). • The identified business stakeholders are responsible for ensuring that all requirements are raised during the Initiate Requirements gathering process. The Importance of Requirement Gathering
  • 3. • Review each area of Access Control functionality. • Prepare a set of draft Access Control BUSINESS requirements for each of the functional areas. • Agree a priority for each draft requirement. • Agree next steps, actions and areas for further investigation. Workshop 1 Objectives
  • 5. • What threats are present? • What are the drivers for an access control system? i.e. controlling visitor numbers, protecting people, protecting assets, anti-tailgating, anti-pass back, etc? • Who and what are we trying to protect? Defining the Nature of the Threat- Discussion
  • 7. • What general areas need to be controlled?- areas, rooms, locations etc? • What exceptions exist?- i.e. Fire Exits etc? • What areas require enhanced access control?- i.e. Equipment Rooms, Data Centres etc • Why do these areas need to be controlled? What is the related threat? • What is the level of risk associated with these areas? • What is the function of installing control in these areas? Areas of Concern (General)- Discussion
  • 8. • What vulnerable points exist for each area to be controlled?- doors, windows, air conditioning shafts, conduits etc • What points should have access control? • Should access be controlled on a location by location basis or should access be controlled to area ‘types’? Areas of Concern (Specific)- Discussion
  • 10. • Are there any legal requirements? Health & Safety or Disability & Discrimination Act? • How should access control act in case of an emergency?- i.e. release on emergency? • What is the definition of an emergency? • What fire officer requirements exist? • What provisions should be granted to the blue light services? • What are the requirements for disabled access? • When will the access system be operation? 247/ 365 or night time only? Health & Safety- Discussion
  • 11. Type of Access Control
  • 12. • Should the system be automatic or manned? • What types of barriers should be used for each of the areas in scope?- door locks, arm barriers, vehicle block devices etc? • What types of additional barriers should be used for the priority locations?- electronic keys, finger print scanning? • What type of verification measures should be used? Electronic key card, IRIS scan, Finger print recognition, ID codes, keys etc. • What should the user do when access is denied? Should an intercom system be present? Types of Access Control- Discussion
  • 13. • How often will the access control be used in each of the areas? • What level of security should be in place? • If the power drops what should happen? • Anti-Tamper mechanisms? Technical Details Discussion
  • 15. • How will access control be managed?- customer, Staff, Disabled Visitors/ Staff, Contractors etc? • What information will be captured against each person granted access? Name, address, role, date given, expiry date etc? • What period should access be granted for? • What types of protected access should be provided? • How will deliveries be controlled? • Where will data entry and monitoring of alarm activity take place? • How will data for entry or modification be gathered? • How will security clearance be processed? Operational Issues- Discussion
  • 17. • Should there be integration between the Access Control System and other systems? i.e. CCTV system? • What information should pass between the systems? Integration Discussion
  • 19. • What information should the system capture? • Successful access- user ID, time, location etc.? • Unsuccessful access- user ID, time, location, number of attempts etc.? • Should information be captured and available to view in real time? i.e. should it be possible to identify where an individual is located at all time? • What reports should be available from the system? • Should the system automatically alert based on event triggers? If so, what events should trigger alerts and how should the system alert? • What should the system do in the event of a breach? – i.e. a door is forced? Management Information & Reporting Discussion
  • 20. • What should the system do in the event that an access control point fails in the following scenarios: • Access point looses power • Access point fails- i.e. reader not able to read card • Access point operational but input not detected- i.e. an issue with the card. • Access point breached? Support & Maintenance Discussion