slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Presentation to ISSD Task Force INFORMATION SYSTEMS SECURITY DIVISION Reorganization Study PowerPoint Presentation
Download Presentation
Presentation to ISSD Task Force INFORMATION SYSTEMS SECURITY DIVISION Reorganization Study

Loading in 2 Seconds...

play fullscreen
1 / 17

Presentation to ISSD Task Force INFORMATION SYSTEMS SECURITY DIVISION Reorganization Study - PowerPoint PPT Presentation


  • 89 Views
  • Uploaded on

Presentation to ISSD Task Force INFORMATION SYSTEMS SECURITY DIVISION Reorganization Study Prepared: May 6 , 1991 Revised: May 7, 1991. AGENDA. Proposed Reorganization (Security Automation Division) II. Why Merger of Fraud Detection and ISS Divisions III. ISSD Staff Reduction

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Presentation to ISSD Task Force INFORMATION SYSTEMS SECURITY DIVISION Reorganization Study' - hasad-dean


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Presentation to ISSD Task Force

INFORMATION SYSTEMS SECURITY DIVISION

Reorganization Study

Prepared: May 6, 1991 Revised: May 7, 1991

agenda
AGENDA
  • Proposed Reorganization (Security Automation Division)

II. Why Merger of Fraud Detection and ISS Divisions

III. ISSD Staff Reduction

• Service & Project Assumptions

• ISS-WA Organization & Service Reductions

• 155-LA Organizations & Service Reductions

• 155-AZ Temporary Organization

IV. Cost Reduction Summary

V. Action Summary

VI. ISSD Functions Summary

why merge divisions
WHY MERGE DIVISIONS

• Reduction in Cost

• Infusion of Expert System Knowledge into Security Function

• Centralized Supervision & Administration of Security Technical Functions

WHY J XXXXXXX AS DIVISION MANAGER

• Significantly More Technical and Managerial Depth

  • 30 years of Technical and Managerial Data Processing Experience
  • Development and Systems Assurance Management Experience
  • Data Center Production and Operations Management Experience
  • Security (RACF) Project Experience
  • Expert Systems Project Experience
  • Commercial and M Application & Architecture Design Experience
  • Business Resumption and Data Processing Contingency Planning Experience
service project assumptions
SERVICE & PROJECT ASSUMPTIONS

• SAD with the Support of SPAC performs Security Product Reviews

• SPBA accepts decentralized Branch Security Administration. AZ Security Service will be provided without local presence (no reduction in service anticipated)

• SPAC-NW will use their current system as basis for SPC Online Request Processing and therefore have responsibility for SPC Security Architecture

sad washington service reductions
SAD-WASHINGTON SERVICE REDUCTIONS

ELIMINATE

• Security Boiler Plate Contributions to Legal Documents

REDIRECT

• MVS Request Processing

• Physical Security Reviews

• Security Product Research

REDUCE

• New Business Research

• Procedure and Guideline Writing

• Security Awareness Program

• Department & Division Administrative Documentation

sad la technical support service reductions
SAD-LA TECHNICAL SUPPORT SERVICE REDUCTIONS

ELIMINATE

• Security Boiler Plate Contribution to Legal Documents

REDIRECT

• PC/Virus Software Distribution

• Physical Security Reviews

REDUCE

• Security Product Research

• New Business Research

• Procedure & Guideline Writing

• Security Awareness Program

• Department & Division Administrative Documentation

sad la request processing service reductions
SAD-LA REQUEST PROCESSING SERVICE REDUCTIONS

REDIRECT

• Procedure & Guideline Writing

• TANDEM Request Processing, and Violation Reporting & Review

sad az service reductions
SAD-AZ SERVICE REDUCTIONS

CONSOLIDATE ELSEWHERE INTO SAD

• MVS Environment Management (WA)

• MVS Request Processing (LA)

• Cryptographic Key Management (LA)

• Audit Response (WA)

TRANSFER TO USERS

• Thirty Plus Internal Security Applications

action summary
ACTION SUMMARY

• 2 ND QUARTER 1991

- Layoff Division Manager

- Layoff Mainframe Technical Consultant In LA

- Layoff Midrange Technical Consultant In LA

- Move Data Security Analyst from WA to LA

(add TANDEM skills to LA)

• 4 TH QUARTER 1991

- Complete Conversion of Arizona Processing to Common Architecture

• 1 ST QUARTER 1992

- Transfer(Layoff) AZ Manager

- Layoff AZ Data Security Analyst

issd functions summary
ISSD FUNCTIONS SUMMARY

KEPT AT CURRENT LEVEL OF EFFORT • SPC Security Architecture Development • Mainframe & Tandam Security Request Processing (Consolidated) • Mainframe & Tandem Security Technical Support • Midrange, LAN, and PC Security Technical Support • Network Security Support • Online Security Request Processing System Development • Wire Transfer Security Support • Cryptographic Key Management • MAC Security Request Processing (CA) • Database and Tracking of Waiver, Virus, and Security Incident Events • Information Systems Security Committee (ISSC) Support • Information Systems Security Manual (ISSM) Policy Development • Application Project (such as BDS) Security Consulting

REDUCED LEVEL OF EFFORT

• Security Procedure and Guideline Writing (Consolidated)

• Security Awareness Program

• Security Product Reviews (with SPAC)

• New Business Research Assistance

• Department and Division Administrative Documentation

security automation division manager
SECURITY AUTOMATION DIVISION MANAGER

OVERALL PURPOSE

The purpose of this position is to provide support to the Corporate Security Department objectives in:- Managing and coordinating of computer security plans, projects, and policies; - Developing external fraud detection and prevention applications; - Administering passwords and users identifications for productions and development operations. - Identify and monitor emerging technology in the fields of information security and expert systems products

REQ UIREM ENTS

- Minimum of 20 years of data processing background with a thorough understanding of computer operating systems and networks. The major emphasis is in database computer environments supported in different geographic locations.

- Ability to interact with senior management to gain concurrence on security related methods and production processing.

- Possess technical skills to interact, make decisions, and implement security methods consistent with business and technical requirements.

- Proven record of knowledge based application development and installation.

RESPONSIBILITIES

- Provide technical direction and leadership to apply and create access controls to meet Federal, State, CCC, NBE, and internal audit requirements. Additionally, provide risk versus exposure analysis and recommendations.

- Provide security direction in the SPC dynamic technical and business environments.

- Work with AC in the creation of security related technology, products, procedures, systems, and concepts. The position requires the ability to innovate and to manage innovative projects.

- Ensure that the security needs/requirements of the corporation are maintained and established with consideration to the amount of risk or exposure to electronic assets.

- Ensure and provide technical direction to mitigate security related failures and damage that can have significant negative impact on the total organization.

- Provide technical direction for the design of expert systems related to external fraud detection and prevention.

- Ability to analyze user expertise into knowledge base rules.