© Crown Copyright (2000) Module 3.2 Evaluation Management.

Slides:

Advertisements

Similar presentations

© Crown Copyright (2000) Module 2.6 Vulnerability Analysis.

Advertisements

© Crown Copyright (2000) Module 2.3 Functional Testing.

16 August 2010© Crown Copyright (2010)1 Module 2.8 Assurance Continuity and Composition.

© Crown Copyright (2000) Module 2.4 Development Environment.

© Crown Copyright (2000) Module 3.1 Evaluation Process.

Security Requirements

© Crown Copyright (2000) Module 2.0 Introduction to Module 2.

© Crown Copyright (2000) Module 2.5 Operational Environment.

Module 1 Evaluation Overview © Crown Copyright (2000)

© Crown Copyright (2000) Module 2.7 Penetration Testing.

© Crown Copyright (2000) Module 2.2 Development Representations.

Babcock International Group Plc SH V0.05 Project Status Reviews APM SWWE Event, 31/01/2012 Pete Ricketts FAPM Babcock Marine,

Program Management Office Department of Innovation & Technology City of Boston Kickoff Meeting.

Software Quality Assurance Plan

1 Information Systems Development (ISD) Systems Development Life Cycle Overview of Analysis Phase Overview of Design Phase CP2236: Information Systems.

1 norshahnizakamalbashah CEM v3.1: Chapter 10 Security Target Evaluation.

1 Use and content of the RFP  Request for Proposals (RFP) is similar to bidding documents and include all information of the assignment, selection of.

DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

This work is licensed under a Creative Commons Attribution 3.0 Unported LicenseCreative Commons Attribution 3.0 Unported License (CC-BY). Project Management.

IS&T Project Management: How to Engage the Customer September 27, 2005.

BS EN ISO 14001:2004 Madlen King BSc MSc MIEMA EMS Lead Assessor Lloyd’s Register Quality Assurance Ltd BS EN ISO 14001:2004.

Configuration Management Avoiding Costly Confusion mostly stolen from Chapter 27 of Pressman.

CPA is a UKAS company The Assessment Process 2014 Seminars.

THE SYSTEMS LIFE CYCLE ANALYSE DESIGN IMPLEMENT MAINTENANCE IDENTIFY/INVESTIGATE.

United Nations Economic Commission for Europe Statistical Division Applying the GSBPM to Business Register Management Steven Vale UNECE

IAEA International Atomic Energy Agency How do you know how far you have got? How much you still have to do? Are we nearly there yet? What – Who – When.

AICT5 – eProject Project Planning for ICT. Process Centre receives Scenario Group Work Scenario on website in October Assessment Window Individual Work.

S oftware Q uality A ssurance Part One Reviews and Inspections.

FCS - AAO - DM COMPE/SE/ISE 492 Senior Project 2 System/Software Test Documentation (STD) System/Software Test Documentation (STD)

Ways for Improvement of Validity of Qualifications PHARE TVET RO2006/ Training and Advice for Further Development of the TVET.

BMAN Integrative Team Project Week 2 Professor Linda A Macaulay.

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

UNCLASSIFIED DITSCAP Primer. UNCLASSIFIED 1/18/01DITSCAP Primer.PPT 2 DITSCAP* Authority ASD/C3I Memo, 19 Aug 92 –Develop Standardized C&A Process DODI.

ISM 5316 Week 3 Learning Objectives You should be able to: u Define and list issues and steps in Project Integration u List and describe the components.

Current and Future Applications of the Generic Statistical Business Process Model at Statistics Canada Laurie Reedman and Claude Julien May 5, 2010.

Project Life Cycle.

Dr. Jana Jagodick Polytechnic of Namibia, 2012 Project Management Chapter 5 Project Integration Management.

University of Sunderland COM369 Unit 6 COM369 Project Quality Unit 6.

Chapter 15 Introduction to Systems Development. Learning Objectives Learn how information systems are developed Understand importance of managing SD process.

Information System Project Management Lecture three Chapter one

11/24/2015Dr. SASTRY-PROJ SOFTWARE PROJECT MANAGEMENT By Dr. M V S PERI SASTRY. B.E,Ph.D.

1 Using Common Criteria Protection Profiles. 2 o A statement of user need –What the user wants to accomplish –A primary audience: mission/business owner.

JRA2: Quality Assurance Overview EGEE is proposed as a project funded by the European Union under contract IST JRA.

Copyright (C) 2007, Canon Inc. All rights reserved. P. 0 A Study on the Cryptographic Module Validation in the CC Evaluation from Vendors' point of view.

Test status report Test status report is important to track the important project issues, accomplishments of the projects, pending work and milestone analysis(

BSBPMG501A Manage Application of Project Integrative Processes Manage Project Integrative Processes Unit Guide Diploma of Project Management Qualification.

Eurostat 1 3.An overview of the SDMX implementation process Edward Cook Eurostat Unit B5: “Central data and metadata services” SDMX Basics course,

Software Development Process CS 360 Lecture 3. Software Process The software process is a structured set of activities required to develop a software.

WP7 Security Coordination 23/24 Jan 2002 David Kelsey CLRC/RAL, UK

Introduction to Project Management Darren Trofimczuk.

Company LOGO. Company LOGO PE, PMP, PgMP, PME, MCT, PRINCE2 Practitioner.

6/6/ SOFTWARE LIFE CYCLE OVERVIEW Professor Ron Kenett Tel Aviv University School of Engineering.

Department of Computer Science Introduction to Information Security Chapter 8 ISO/IEC Semester 1.

Coordinators' day on FP7 Project Negotiation Description Of Work Annex I Griet Van Caenegem DG CNECT R5 Programme Operations May 28, 2013.

 System Requirement Specification and System Planning.

Capacity Building in: GEO Strategic Plan 2016 – 2025 and Work Programme 2016 Andiswa Mlisa GEO Secretariat Workshop on Capacity Building and Developing.

Project Management PTM721S

Scope Planning.

Systems Analysis and Design

Chapter 5: Project Scope Management

CIS12-3 IT Project Management

ESS.VIP VALIDATION An ESS.VIP project for mutual benefits

Definition of Project and Project Cycle

Unit 5 – eProject – Starting to look at projects Unit 5

5 POINT PLAN THE SYSTEMS LIFE CYCLE ANALYSE DESIGN

QA Reviews Lecture # 6.

Engineering Processes

E-learning Projects Overview

Presentation transcript:

© Crown Copyright (2000) Module 3.2 Evaluation Management

You Are Here M3.1 Evaluation Process M3.2 Evaluation Management MODULE 3 - SCHEME RULES AND PROCEDURES

Evaluation Management Preparation Phase Conduct Phase Conclusion Phase

Evaluation Management Preparation Phase Conduct Phase Conclusion Phase

Preparation Phase - Inputs Definition of Target of Evaluation –Scope, boundaries, interfaces, composites, etc. What evaluation level is required ? Technical expertise required ? Evaluation Planning TOE

Preparation Phase - Suitability CLEF/CB may review ST for suitability Check Sponsor and Developer have full understanding of: –the evaluation process –the role of the CLEF –their responsibilities throughout evaluation

Preparation Phase - TIN May be combined with EWP Task Identification Sponsor and Developer Details Description of TOE Summary of Security Requirements Timescales Staffing Contacts

Preparation Phase - EWP May be combined with TIN Evaluation methodology –CEM/ITSEC –Interpretations Evaluation effort for each activity Constraints Limitations

Preparation Phase - UKSP06 Entry & CB Questionnaire UKSP06

Task Start-up Meeting Objective Attendees Timing Agenda

Preparation Phase - Outputs Evaluation Planning EWP TIN UKSP 06 Entry Security Target CB Questionnaire

Evaluation Management Preparation Phase Conduct Phase Conclusion Phase

Conduct Phase - Inputs Task Conduct TIN / EWP TOE Deliverables Security Target Deliverables Schedule

Conduct Phase - Reporting Progress Evaluation Progress Meeting (EPM) ETR Production –Draft annexes (activity reports, glossary, list of deliverables etc.) Observation Report Status Register

Evaluation Progress Meetings Objective Attendees Timing Agenda

Observation Report Status - 1 AGR - Corrective Action Agreed CAP - Certifier Action Pending CLR - Cleared FIX - Fix to be evaluated by CLEF ISS - Issued to the Certifier

Observation Report Status - 2 PRO - Corrective Action Proposed REJ - Corrective Action Rejected REL - Released to the Sponsor / Developer WDN - Problem Report Withdrawn

Conduct Phase - Observation Reports Content (Level 1 and Level 2) –Identifier –Severity Level –Evaluation Activity where raised –Observation –Organisation responsible for resolution –Timescale for resolution

Conduct Phase - Issues Maintain Independence Comply with UKAS Requirements Comply with Methodology Requirements

Conduct Phase - Outputs Task Conduct Work Package Reports Observation Reports Scheme Observation Reports

Evaluation Management Preparation Phase Conduct Phase Conclusion Phase

Conclusion Phase Evaluation Technical Report (ETR) Certificate and Certification Report Task Closedown

Assurance Maintenance (CMS) Additional Evaluation Task See Module 2.8 for more details

ITSEC v. CC Main difference is work breakdown ITSEM/UK SP 05 specify mandatory requirements CEM defines Work Units

Summary Three Phases to evaluation Management –Preparation Phase –Conduct Phase –Conclusion Phase Covers whole evaluation Terminology difference between ITSEC & CC

Further Reading UKSP 01 UKSP 04 Part 1 UKSP 05 Part 1 CEM Part 2, Chapter 2

Exercise - Planning Given the ITT on the handouts, please prepare a TIN and EWP for the task