Web Application Security session conducted by Lightracers Consulting, for web developers. In this learning presentation, we will look at – What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Overview of OWASP, OWASP Top 10 Vulnerabilities and Protection measures.
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at – What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Before writing a proposal for a service/operations work, many vendors are given a chance to attend a due-diligence program. Many organizations prefer to have only one type, i.e. Technical Due-Diligence. In this blog post, we give you some points to remember and ask for while attending a technical due-diligence.
Generally, this will be a single-sitting meeting where the vendors can interact with existing service providers. This meeting will help the new service providers understand the functionality and feasibility of a system. This will help them in writing a suitable proposal and taking over the work. This meet should have at least two types of people from either side. One is technical and another is of process. Technical people will interact on the technology, implementation and other ground level activities, where as Process people will understand how the system is being handled, how the requirements are handled, what environment the team is in and others.
From the new vendors perspective, below is the list of areas that you can discuss and these will help you in preparing your proposal.
- System Background & Description
- System Demo
- Objectives of Engagement
- Benefits Expected from Engagement
- Future Product Roadmap
- SCOPE of the work to be done in this engagement
- High level Deliverable Expected
- High level Timelines/ Milestones
- Customer Information
- Partners Information
- Current Challenges
Current system environment
- Understanding of Functional Features
- Understanding of presentation layer architecture
- Understanding of business layer architecture
- Understanding of Data Layer architecture
- Understanding Interfaces & Integration Architecture
- Understanding Security Architecture
- Understanding current system performance
- Development Tools, Softwares, Environment, Middleware
- Cloud Infrastructure details / sizing
- Documentation repository & Comprehensiveness
Current software maintenance process
- Quality Control & Quality Assurance Processes (reviews, testing, standards etc)
- Software Release Management Processes
- Software Deployment Process
- Software Ticketing System
- Enhancements assessment Process
Current application support details
- Role & Skill Mix and # of team members
- Maintenance Window
- Capacity hours planned for each role in the maintenance Window
- Scope of the work being done
- Current Issues / Risks
- Severity Definitions of Tickets
- Severity level of Tickets received in last 3 months/ one year
- Service Level Definitions & Targets
- # of major and minor enhancement requests received in the last 3 months/ one year
- Help Desk structure & Infrastructure of support system
- Support expected from current service provider during Knowledge Transition & Secondary Support
You should also identify a person who can give you other information that you have missed in the session. You should understand that existing service providers might not be interested in seriously attending your call. So understand their minds and know the times when they will be available and give you a proper response.
Hope this list will give you the information for your takeoff.
Process document mainly contains the following information
- Objectives of the applications
- Stakeholder diagram and their interoperability
- Solution Architecture
- Functional block diagrams
- technical architecture
- Integration with external systems/interfaces
- Use Case diagrams
- Process definition and responsible user roles
- Process workflow diagrams