Docstoc

Ict Security Project Proposal - Excel

Document Sample
Ict Security Project Proposal - Excel Powered By Docstoc
					                                                                                                                                            Department of Treasury & Finance
 GUIDE TO COMPLETING THE WOVG ICT EXPENDITURE APPROVAL APPLICATION
Version 1.2 (IMPORTANT: Please ensure that you use the latest version of this template by downloading the updated package from the DTF website)
 Purpose of this form: Expenditure Review Committee (ERC) has mandated that the authority to spend more than $250k on Information and Communications
 Technology (ICT) be allocated to the Secretary of Department of Treasury and Finance (DTF) to support goals of Efficient Technology Services (ETS).

 Applications impacting on ETS will require the submission to be sent to GSG via email: ictapproval@dtf.vic.gov.au

 What is in Scope: All ICT categories listed in Section B of this template
 Step 1: Departmental IT directors or equivalent authorised senior manager are required to determine when an application will impact on ETS. This
 is determined by reviewing section B of the WoVG ICT Expenditure application template. Selection of one or more ICT category in Section B
 indicates a potential impact on ETS and therefore the application will need to be submitted to Government Services Group (GSG) for approval prior
 to undertaking the procurement/tendering process.
 Step 2: Section A: Governance
    1) Agency Name:                                                                            The name of the agency submitting this application

    2) Contact details of the person completing this application:                              Enter the contact person's name, email address and phone number
    3) Application Title:                                                                      Enter the title of this application for ICT expenditure
    4) ICT spend Description:                                                                  Enter a brief description of the proposal, stating the purpose, objective and benefits
                                                                                               Enter the amount of ICT expenditure which is the subject of this application. The amount entered must
    5) Total ICT expenditure which is the subject of this application: $
                                                                                               be numeric and cannot contain any other characters.
                                                                                               Select the appropriate checkbox for the type of funding involved, whether capital and/or operational
        What type of funding is involved?
                                                                                               expenditure
    6) If the requested expenditure is equal to or greater than $1 million, you must           If the requested ICT expenditure amount for this application is equal to or greater than $1 million, then
    attach a business case with this application                                               you must attach a business case when submitting this application to GSG
    7) Name of the IT directors/equivalent authorised senior manager endorsing this            Enter the name of theIT Directors or equivalent authorised senior manager who has endorsed this
    application:                                                                               application
                                                                                               Enter the date when this application was endorsed by the IT Director or equivalent authorised senior
        Date that this application was endorsed: (dd/mm/yyyy)
                                                                                               manager. The date must be entered in the format dd/mm/yyyy
                                                                                               Enter the date in which your agency intends to commence spending this funding. The date must be
    8) When does your agency intend to commence spending this funding? (mm/yyyy)
                                                                                               entered in the format mm/yyyy
                                                                                               Enter the date in which your agency intends to complete spending this funding. The date must be
        When does your agency intend to complete spending this funding? (mm/yyyy)
                                                                                               entered in the format mm/yyyy
                                                                                               Select from drop down list whether this application is related to any previously submitted requests to
    9)Is this application related to any previously submitted requests to GSG?
                                                                                               GSG
        If yes, please provide the DTF Assessment Number that was assigned:                    Enter the DTF Assessment Number that was assigned to any previously submitted requests to GSG

    10) Is this application part of an existing project/program of work?                       Select from drop down list whether this application is part of an existing project/program of work
                                                                                               If this application is part of an existing project/program of work then enter the title of the
        If Yes, what is the title of this project/program of work?
                                                                                               project/program of work
                                                                                               If this application is part of an existing project/program of work then enter the total budget of the ICT
        If Yes, what is the total budget of the ICT component for this project/program of
                                                                                               component for this project/program of work. The amount entered must be numeric and cannot contain
        work? $
                                                                                               any other characters.
                                                                                               Select from drop down list whether there are going to be any further ICT Expenditure approval
    11) Are there going to be further applications for this project/program of work?
                                                                                               applications for this project/program of work
    12) Is this proposal compliant with WoVG policies & standards?                             Select from drop down list whether this proposal is compliant with WoVG policies & standards

                                                                                               If this proposal is not compliant with WoVG policies & standards, then please provide brief rationale
        If No, please provide brief rationale for this position
                                                                                               for this position

 Step 3: Section B: Which of the following ICT categories are in scope of this expenditure application?
 Details in Section B must have at least one response
    ICT Category:
    1) Desktop                                                                                 From the listed categories select the appropriate checkbox/s.
    2) Hosting                                                                                 If your agency does not intend to spend on any of the categories then you must select 'None of the
    3) Identity and Access Management (IDAM) & Security Services                               below'.
                                                                                               If you have selected any items under the respective categories then you must enter the estimated
    4) Networks                                                                                expenditure that your agency intends to spend for that category.
                                                                                               You must have a response for all of the categories.
                                                                                               Enter in brief, any additional information that may be related to the selected ICT categories. When
                                                                                               pasting information into this cell, ensure that you use the 'Paste Special' option from the 'Edit' menu
    5) Other additional information (if any) in relation to these selected categories:
                                                                                               and paste into the formula bar. Examples of information that can be provided may include: standards,
                                                                                               policies, vendor or background.
                                                                                               If you have not selected any of the ICT categories in section B and your agency would still prefer GSG to
    6) None of the above - request GSG review
                                                                                               review this application then check this box




Government Services Group                                                                                                                                                                        Page 1 of 11
 Step 4: Section C: Products and Services
 Details in Section C must have at least one response if you have selected any ICT categories that are in scope of this expenditure application

    1) If known, what products will be used for the categories selected in Section B?
        Product Name:                                                                   Enter the name of the products(hardware or software) that will be used and select the ICT category from
        ICT Category:                                                                   the drop down list
        Product Vendor:                                                                 Enter the vendor name of the products that will be used for the selected category
        Product Version:                                                                Enter the version no. of the products that will be used for the selected category
    2) If known, what services will be used for the categories selected in Section B?
        Service Provider Name:                                                          Enter the name of the service provider that will be used and select the relevant category from the drop
        ICT Category:                                                                   down list
        Type of Service:                                                                Enter the type of service that will be used for the selected category

 Step 5 Section D: Procurement
   Details in Section D must be complete

                                                                                        Select which of the following Whole-of-Government Contracts, Open Standing Offer Agreements
                                                                                        (OSOA) or State Purchasing Contract SPCs your agency intends to use for this investment:
                                                                                        Hardware
                                                                                        Computer Software
    1) Do you intend to use any the following Whole-of-Government Contracts, Open
                                                                                        Voice
    Standing Offer Agreements (OSOA) or State Purchasing Contract SPCs?
                                                                                        Data and Video Communications
                                                                                        Major IT Services
                                                                                        Lease Facility
                                                                                        If your agency does not intend to use any of these, then you must select 'None of the below'.

                                                                                        Select an appropriate response from a drop down list whether a new contractual arrangement is going to
    2) Is a new contract going to result from this investment?
                                                                                        result from this investment

           If yes, what will be the total estimated value for this contract?            If a new contract will result from this investment then, enter the total estimated value for this contract

           If yes, what will be the expected duration (number of months) for this       If a new contract will result from this investment then, enter the expected duration in months for this
           contract?                                                                    contract
                                                                                        If a new contract will result from this investment then, please provide details (i.e. scope, timelines, key
           If yes, please provide details of the new contract
                                                                                        deliverables)

 Step 6: Section E Dependencies
   Details in Section E must be complete
    1) Are there existing projects/program of work that are dependent on this           Select an appropriate response from a drop down list whether there are existing projects/program of
    application?                                                                        work that are dependent on this application
           If yes then please provide a description of the dependency:                  If there are existing projects/program of work that are dependent on this application then enter a brief
                                                                                        description of the dependency(i.e. impact, risk, date driven)
 Step 7: Section F: Impact if this application is not approved
    1) What is the impact if this application is not approved?
                                                                                        Select in which areas will there be an impact if this expenditure approval application is not approved:
                                                                                        No Impact, Business, Contractual/Legal/Legislative, Financial or Risk
           What is the level of impact?
                                                                                        Select an appropriate response from a drop down list the level of impact: High, Med, Low

               If the level of impact is High, please provide additional information:   Where the level of impact is High for the selected areas please provide additional information about the
                                                                                        impact

 Step 8: Section G: Additional Information
    1) Please provide any additional information that may be used in support of this    Please include any additional information that may be used in support of this application and identify
    application                                                                         any attachments that may apply.

 Final Step: Before submitting the application to GSG please ensure that it has been validated and endorsed after consideration of the WoVG ICT
 Expenditure Approval Check List by your IT Director/nominated authorised senior manager

 Further instructions: when pasting data from another source into cells please
 use the 'Paste Special' Option in the menu bar and paste it into the formula
 bar




Government Services Group                                                                                                                                                                    Page 2 of 11
       Office Use Only                                                 DTF Assessment Number:                                                                                                                      Department of Treasury & Finance
       WOVG ICT EXPENDITURE APPROVAL APPLICATION
       Version 1.2 (IMPORTANT: Please ensure that you use the latest version of this template by downloading the updated package from the DTF website)
       Complete this form if your agency intends to spend an aggregated amount that is greater than $250k on one or more ICT component listed in Section B of this template
       Purpose of this form: The Expenditure Review Committee (ERC) has mandated that the authority to spend more than $250k on Information and Communications Technology (ICT) be allocated to the Secretary of
       Department of Treasury and Finance (DTF).

       Departmental IT Directors or equivalent authorised senior manager are required to determine when an application will impact on ETS. This is determined by reviewing section B of this WoVG ICT Expenditure
       application template. Selection of any category in Section B indicates a potential impact on ETS and therefore the application will need to be submitted to Government Services Group (GSG) for approval.

       Applications impacting on ETS will require the submission to be sent to GSG via email: ictapproval@dtf.vic.gov.au



       Section A: Governance
           1) Agency Name:                          [Please Select]
           2) Contact details of the person completing this application

                  Contact Name:
                  Contact email:
                  Contact Phone:
           3) Application title:
           4) ICT spend Description:




                                                                                                                                                                                                         FALSE                  FALSE
           5) Total ICT expenditure which is the subject of this application: $                                                        What type of funding is involved?                    Capital Expenditure        Operational Expenditure

           6) If the requested expenditure is equal to or greater than $1 million, you must attach a business case with this application when submitting to GSG
           7) Name of the IT Director/equivalent authorised senior manager endorsing this
           application:
              Date that this application was endorsed: (dd/mm/yyyy)

           8) When does your agency intend to commence spending this funding? (mm/yyyy)                                                When does your agency intend to complete spending this funding? (mm/yyyy)


           9) Is this application related to any previously submitted requests to GSG?                      [Please Select]            If yes, please provide the DTF Assessment Number that was assigned:


           10) Is this application part of an existing project/program of work?                             [Please Select]

                  If Yes, what is the title of this project/program of work?

                  If Yes, what is the total budget of the ICT component for this project/program of
                  work? $

           11) Are there going to be further applications for this project/program of work?                 [Please Select]

                                                                                                                                       If No, please provide brief rationale for this
           12) Is this proposal compliant with WoVG policies & standards?                                   [Please Select]
                                                                                                                                       position
                            Note: Policies & standards apply to
                                                                        WoVG Policies and Standards are located on the
                            the following domians:
                                                                        DTF website:-
                            Data Interoperability (& Street Address)
                            Disaster Recovery
                            ICT Networks (& IP addressing)              www.dtf.vic.gov.au>services to government>ict
                            ICT Service Management                      services>ict policies, standards and guidelines for
                            Identity and Access Management              victorian govt
                            Information Security
                            Major Project Reporting
                            Website Management Framework




Government Services Group                                                                                                     38ab0fd3-49d4-4f6a-b270-1ce3008d3135.xls                                                                           Page 3 of 11
       Section B: Which of the following ICT categories are in scope of this expenditure application?
                                                                                                                              3) Identity and Access Management (IDAM) &
           1) Desktop                                                2) Hosting                                                                                                       4) Networks
                                                                                                                              Security Services

                    Estimated Expenditure $                  $0              Estimated Expenditure $                  $0              Estimated Expenditure $                 $0              Estimated Expenditure $     $0
                    Identify which of the                                    Identify which of the                                    Identify which of the                                   Identify which of the
                    following categories your                                following categories your                                following categories your                               following categories your
                    agency will use                                          agency will use                                          agency will use                                         agency will use

         None of the below
                      FALSE                                         None of the below
                                                                                 FALSE                                       None of the below
                                                                                                                                          FALSE                                      None of the below
                                                                                                                                                                                                 FALSE

                            OR                                                       OR                                                        OR                                                    OR

         Collaboration Clients
                        FALSE                                       .net Environment
                                                                                  FALSE                                      Audit Trail Capture & Analysis
                                                                                                                                             FALSE                                   Email Address / Domain Changes
                                                                                                                                                                                                   FALSE

         Collaboration Services
                        FALSE                                       Database Services
                                                                                   FALSE                                     Authentication FALSE                                    ISP Service    FALSE

         Desktop Productivity Apps
                      FALSE                                         Enterprise Service Bus
                                                                                   FALSE                                     Authorisation FALSE                                     Network Services
                                                                                                                                                                                                   FALSE

         Desktop Virtualisation
                       FALSE                                        File Services   FALSE                                    Directory Services
                                                                                                                                             FALSE                                 [Other please specify]

         Document & Record Mgmt. Client
                     FALSE                                          Java EE environment
                                                                                   FALSE                                     Encryption      FALSE                                 [Other please specify]

         Document & Record Mgmt. Services
                     FALSE                                          Networked Storage
                                                                                  FALSE                                      Enrolment       FALSE                                 [Other please specify]

         Email & Calendar Clients
                       FALSE                                        Print Servers   FALSE                                    Provisioning    FALSE                                 [Other please specify]

         Email Services FALSE                                       Server Virtualisation
                                                                                    FALSE                                    Registration    FALSE

         Operating Systems
                       FALSE                                        Web content Mgmt.
                                                                                 FALSE                                       User management
                                                                                                                                          FALSE

         Search Services
                       FALSE                                        Web Servers     FALSE                                  [Other please specify]

         Web Browser and Plug-ins
                      FALSE                                       [Other please specify]                                   [Other please specify]

         Handhelds          FALSE                                 [Other please specify]                                   [Other please specify]

         Laptops            FALSE                                 [Other please specify]                                   [Other please specify]

         PCs                FALSE                                 [Other please specify]

         Printers           FALSE

       [Other please specify]

       [Other please specify]

       [Other please specify]

       [Other please specify]




               5) Other additional information (if any) in
               relation to these selected categories:




               6) If you have not selected any of the ICT categories above and your agency would still prefer GSG to review this application then check this
                                                                                                                                                                  None of the above - request GSG review
                                                                                                                                                                                       FALSE
               box:




Government Services Group                                                                                            38ab0fd3-49d4-4f6a-b270-1ce3008d3135.xls                                                                  Page 4 of 11
       Section C: Products and Services

                                                            1) If known, what products will be used for the categories selected in Section B?

       Product Name:                      ICT Category:              Product vendor:                                                            Product version:
                                          [Please Select]

                                          [Please Select]

                                          [Please Select]

                                          [Please Select]

                                          [Please Select]


                                                            2) If known, what services will be used for the categories selected in Section B?

       Service Provider Name:             ICT Category:              Service description:

                                          [Please Select]

                                          [Please Select]

                                          [Please Select]

                                          [Please Select]

                                          [Please Select]




Government Services Group                                                          38ab0fd3-49d4-4f6a-b270-1ce3008d3135.xls                                        Page 5 of 11
       Section D: Procurement
           1) Do you intend to use any the following Whole-of-Government Contracts, Open Standing Offer Agreements (OSOA) or State Purchasing Contract SPC?

              Hardware:                             Computer Software:                                 Voice, Data and Video Communications:                     Major IT Services:                                       Lease Facility:
          FALSE
         None of the below                      None of the below       FALSE                     None of the below            FALSE                         None of the below      FALSE                             None of the below
                                                                                                                                                                                                                                      FALSE



                            OR                                          OR                                                      OR                                                    OR                                                OR

                                                                                                                                                                                                                      Computer Equipment Operating Lease and
         Desktop Products & Services
       FALSE                                    Microsoft Enterprise Agreement
                                                                        FALSE                      Victorian Office Telephony Services
                                                                                                                           FALSE                                                   FALSE
                                                                                                                                                             Whole of Government eServices Panel                                     FALSE
                                                                                                                                                                                                                      Asset Management Facility

         File Servers and Uninterruptible
       FALSE
         Power Supplies (UPS)                   IT Software (Oracle Systems)
                                                                        FALSE                      Telecommunications Carriage Services
                                                                                                                           FALSE                             Whole of Victorian Government Internet Services
                                                                                                                                                                                    FALSE


         Network/Switches Products &            Whole of Government IBM Software Enterprise
       FALSE                                                          FALSE
         Services                               Agreement

         Printer Products & Services
       FALSE


         Notebook Products & Services
       FALSE


         PC
       FALSEand Notebook Equipment Panel


           2) Is a new contract going to result from this                                              If yes, what will be the total estimated value of                              If yes, what will be the expected duration (in number of
                                                                [Please Select]                                                                                           $0
           investment?                                                                                 this contract?                                                                 months) for this contract?

              Please provide details of the new contract:




       Section E: Dependencies

           1) Are there any projects/program of work that are dependent on this application?    [Please Select]

              If yes, please provide a description of the dependency:




Government Services Group                                                                                         38ab0fd3-49d4-4f6a-b270-1ce3008d3135.xls                                                                                                Page 6 of 11
       Section F: Impact if application is not approved

           1) What is the impact if this application is not approved?

                                                 What is the
           Impact                                level of           Where the level of impact is High, you must provide additional information:
                                                 impact?
                        FALSE
          No Impact

                        FALSE
         Business/Service Delivery           [Please Select]


                       FALSE
          Contractual
          /Legal/Legislative                 [Please Select]


                        FALSE
          Financial                          [Please Select]


                        FALSE
          Risk                               [Please Select]


       Section G: Additional Information
                  1) Please provide any additional information that may be used in support of this application




Government Services Group                                                                                          38ab0fd3-49d4-4f6a-b270-1ce3008d3135.xls   Page 7 of 11
ICT Categories - Key definitions
Desktop                                                             Hosting                                                                     IDAM & Security services                                            Networks


Collaboration Clients: Client component of software that            .NET environment: Environment for running applications that have            (Access Control removed because enrolment &                         Email Address & Domain Name changes: Email
runs on the desktop or other devices that enables sharing of        been developed for Microsoft's .NET framework. The Microsoft .NET           authorisation cover it.)                                            Addresses are human-readable identifiers for sending Email to
information, ideas, meetings, documents, presentations, etc to      Framework is a software technology that is available with several                                                                               the appropriate person's mail inbox. Email Domain names
facilitate co-workers, partners and clients working together        Microsoft Windows operating systems. It includes a large library of pre-                                                                        currently usually specify the department or agency of the
from different locations.                                           coded solutions to common programming problems, a runtime or                                                                                    person being addressed. Domain names also include domains
This includes video and audio conferencing, other real-time         virtual machine that manages the execution of programs written                                                                                  (eg. dtf.vic.gov.au) used for website URLs.
(eg. Instant Messaging and Presence) and asynchronous non-          specifically for the framework, and a set of tools for configuring and
real-time (eg. Team rooms, Blogs, Wikis, etc.) interactions         building applications. The .NET Framework is a key Microsoft offering
between the participants.                                           and is intended to be used by most new applications created for the
                                                                    Windows platform. While it is used for both server and client
                                                                    computers, within the current context we apply it to servers.




Collaboration Services: Server component of software that           Database services: A database is a structured collection of records         Audit Trail Capture & Analysis (Previously known as                 Internet Service Provider (ISP) Service: An ISP is an
enables sharing of information, meetings, documents,                or data. Database services are delivered by Database Management             'Audit & Monitoring': Identification, monitoring, logging,          organisation that supplies Internet connectivity to home and
presentations, etc to facilitate co-workers, partners and clients   Systems (DBMS), which organise and maintain the database, and run           analysis, alerting and reporting of user activities within a        business customers. ISPs provide services both for user access
working together from different locations.                          on a server.                                                                system, application, network and the information within these       to the Internet and for hosts delivering content to Internet
This includes video and audio conferencing, real-time and                                                                                       components. Audit Trail Capture & Analysis applies to both the      users. ISPs support one or more forms of Internet access,
asynchronous non-real-time interactions, between the                                                                                            use of the Identity Management systems and to other                 ranging from low-speed modem dial-up to broadband
participants.                                                                                                                                   applications holding security-classified information. Auditing      connections. (An ISP may provide additional services, such as
                                                                                                                                                the use of an application needs access to identity information      E-mail routing and hosting. These are excluded from our
                                                                                                                                                in order to identify who is accessing what.                         definition.)



Desktop Productivity Apps: Software desktop tools for               Enterprise Service Bus: An Enterprise Service Bus (ESB) provides            Authentication: For each user session, the obtaining of             Network Services: A network service is access to a WAN
creating, editing, viewing, printing and sharing documents,         a business with a comprehensive, flexible and consistent approach to        information from a user (credentials), and the validation of        (Wide Area Network) or MAN (Metropolitan Area Network)
spreadsheets, presentations, drawings and charts.                   the integration of services and applications. The capability may also be    that information to determine the user identity for security        that provides telecommunications capability between 2 or
                                                                    called Middleware, or Application integration middleware.                   purposes. This validation is carried out by reference to            more sites. It includes telephone services, mobile services and
                                                                                                                                                information stored in the directory. Authentication is carried      data services ranging in speed from about 64 Kbit/s to 40
                                                                    The ESB typically extends the functions of the traditional Enterprise       out to a level of assurance depending on the strengths of the       Gbit/s.
                                                                    Application Integration (EAI) and Message Oriented Middleware               registration process and the credential offered.
                                                                    (MOM), to include:
                                                                    • Intelligent Routing
                                                                    • Message Transformation
                                                                    • Legacy and LOB Application Adaptation
                                                                    • Business Process Execution
                                                                    • Service Orchestration
                                                                    • Metadata Lookup
                                                                    • Exception Management
                                                                    • Centralized Management
                                                                    • Business Rule Engine
                                                                    • Business Activity Monitoring


Desktop virtualisation: Desktop virtualisation is a server-         File services: File services are the underlying technologies that           Authorisation: Verification that a user is entitled to access a
centric computing model that borrows from the traditional           enable file servers to share data within an organization, including basic   specific resource (system, application, network, information or
thin-client model but is designed to give system administrators     services such as folder sharing and permissions. Other key aspects of       equipment). This verification is carried out by reference to
and end-users the best of both worlds, ie. the ability to host      the implementation of File services include manageability, scalability,     information stored in the directory. This is the session or
and centrally manage desktop virtual machines in the data           and availability of the file servers                                        transaction time component of Access Control.
centre while giving end users a full PC desktop experience. The
user experience is intended to be identical to that of a standard
PC, but from a thin client device or similar, from the same
office or remotely.
Examples of Desktop virtualisation products include Atlantis,
Citrix XenDesktop, Sun Microsystem's Sun VDI, VMware
Fusion, VMware VDI.


Document & Record Mgmt. Client: Client component of                 Java EE environment (previously called J2EE): Environment                   Directory Services: Directory Services identify all the
software that provides document and record management.              for running applications that have been developed for the Java              resources (including services and applications) on a network
Document Management provides management of all document             Community's standard Java Platform Enterprise Edition. Java EE is a         and provide the information that is used by authentication and
types, such as paper documents, faxes, email, word-processed        widely used platform for server programming in the Java                     authorisation to make these resources accessible to authorised
documents, spreadsheets, HTML, XML and audio/video clips            programming language. The Java EE Platform differs from the                 users and applications. Directory Services are the identity vault
across networks, enterprises and the Internet using advanced        Standard Edition (SE) of Java in that it adds libraries which provide       for the range of Identity and Access Management services.
search and retrieval capabilities                                   functionality to deploy fault-tolerant, distributed, multi-tier Java        Data stored by such services include user identities, their
                                                                    software, based largely on modular components running on an                 credentials and access privileges, email addresses, unique
Record Management implements organisational accountability          application server.                                                         identifiers (such as Web addresses), or listings of domain
for electronic information as it is moved from the user or                                                                                      names servers, computers, databases, printers, modems,
author into the organisation. This includes the efficient and                                                                                   scanners, and mail folders. If possible, the directory service
systematic control of the creation, receipt, maintenance, use                                                                                   should make transparent the physical network topology and
and disposal of records, and the associated processes for                                                                                       protocols, the set of rules governing the exchange or
capturing and maintaining evidence of and information about                                                                                     transmission of data electronically between devices. A user on
business activities and transactions in the form of records.                                                                                    a network can then access any resource without knowing
                                                                                                                                                where or how it is physically connected.




                                                                                                                                                                                                                                                                                      page 8 of 11
ICT Categories - Key definitions
Desktop                                                         Hosting                                                                    IDAM & Security services                                           Networks


Document & Record Mgmt. Services: Server component              Networked Storage: Networked storage is used with servers to keep          Encryption: Encryption is used to ensure the confidentiality
of software that provides document and record management.       data files and/or applications in a centralised file server or storage     and integrity of data. Encryption is the process of transforming
                                                                system. The storage system is connected to the server by means of a        information (referred to as plaintext) using an algorithm
Document Management provides management of all document         network (in contrast to direct-attached storage). The storage is thereby   (called cipher) to make it unreadable to anyone except those
types, such as paper documents, faxes, email, word-processed    shared between many servers. Networked storage can be either SAN or        possessing special knowledge (usually referred to as a key).
documents, spreadsheets, HTML, XML and audio/video clips        NAS.                                                                       The result of the process is encrypted information (in
across networks, enterprises and the Internet using advanced    Storage Area Network (SAN) is a high-speed subnetwork of shared            cryptography, referred to as cipher text). Encryption is
search and retrieval capabilities                               storage devices. A storage device is a machine that contains nothing       considered to include the management of the ciphers and keys.
                                                                but a disk or disks for storing data. A SAN also includes a storage        In this contexts, the word encryption also implicitly refers to
Record Management implements organizational accountability      controller for managing the stored files. A SAN typically uses Fibre       the reverse process, decryption (e.g. “software for encryption”
for electronic information as it is transitioned from user or   Channel network technology.                                                can typically also perform decryption), to make the encrypted
author to the organization, including the efficient and         Network Attached Storage (NAS) uses LAN technology such as Gigabit         information readable again (i.e. to make it unencrypted).
systematic control of the creation, receipt, maintenance, use   Ethernet.
and disposition of records and the associated processes for
capturing and maintaining evidence of and information about
business activities and transactions in the form of records.




                                                                                                                                                                                                                         page 9 of 11
ICT Categories - Key definitions
Desktop                                                             Hosting                                                                     IDAM & Security services                                           Networks


Email & Calendar Clients: Client component of software              Print Servers: Print Servers provide services that manage the access,       Enrolment: Creation of access rights for a registered user to
that enables delivery, receipt and management of electronic         availability, security and workload of printers.                            access specific resources (applications, systems, networks and
messages and scheduling of activities for individuals and                                                                                       information) they are entitled to. This is the subscription time
groups.                                                                                                                                         component of Access Control.


Email Services: Server component of infrastructure that             Server Virtualisation: Virtualisation is the simulation of some effect      Provisioning: Also called On-Boarding, User Provisioning
enables delivery and receipt of electronic messages and             or condition on a computer or its resources. Server virtualisation          refers to the creation, maintenance and deactivation of user
scheduling of activities for individuals and groups.                allows multiple isolated user-space instances to be established on one      objects (that identify users - people or systems) and their
                                                                    set of server hardware. To the user application, these look like separate   attributes, as they exist in one or more systems, networks,
                                                                    virtual machines. These virtual machines can provide similar or             directories or applications. Provisioning establishes what
                                                                    different Operating Systems. Server virtualisation is useful for            services, transactions and information the user may receive
                                                                    consolidating, onto a single server, applications that previously needed    and how they acquire them. It may include the Registration,
                                                                    to run on separate servers, thus reducing the capital and operational       issuing of Credentials, and Enrolment parts of user
                                                                    costs, and carbon emissions. Virtualisation makes this possible by          management. Provisioning is a process supported by software
                                                                    allocating specific resources to each application and providing a level     tools that provide the integration between all the applications
                                                                    of security and failure isolation between the applications.                 providing the applications, services or information.
                                                                    Server virtualisation is distinguished from Storage, Application and
                                                                    Desktop virtualisation. However, each of these can offer cost and
                                                                    emission savings.



Operating System: An Operating System (commonly                     ###########################################                                 Registration: Registration is primarily the business process
abbreviated OS) is the software component of a computer                                 ###                                                     that is at the front-end of the Identity Management life-cycle.
system that is responsible for the management and                                                                                               Its primary task is to establish and validate the identity and
coordination of activities and the sharing of the resources of                                                                                  authority of the person who is about to receive identity
the computer. The operating system acts as a host for                                                                                           credentials (such as username and password), by sighting
application programs that are run on the machine. As a host,                                                                                    identity and authority documents. It may be supported by
one of the purposes of an operating system is to handle the                                                                                     registration applications.
details of the operation of the hardware. This relieves
application programs from having to manage these details and
makes it easier to write applications.
Common Operating systems include Microsoft Windows,
Solaris (UNIX), Linux and Mac OS X.




Search Services: Services for building simple and complex           Web servers: Web servers and portal servers for delivery of web             User Management: Process and tools to manage user
search queries against repositories, applications, databases,       content and services to users on the internet or intranet.                  registration and enrolment. It also includes handling
directories, to support search syntax types such as Keyword,                                                                                    credential replacement such as password reset.
SQL, URL, etc.
Web Browser and Plug-ins: Client software that runs on
the desktop or other device to display content served via the
network (Internet or Intranet).

This includes web pages provided in HTML, XML, etc.;
images; graphics; video and sound.


Handhelds: Handheld devices such as PDAs and tablet PCs
are used for ultra portable computing tasks.

Laptops: The Standard Laptop is a hardware component
which hosts the standard operating system environment and
user applications. The standard laptop is a “business class”
laptop computer that can be used as a portable device and does
not need to be fixed to a single location. The laptop computer is
the responsibility of the user to which it is allocated.




                                                                                                                                                                                                                              page 10 of 11
ICT Categories - Key definitions
Desktop                                                         Hosting   IDAM & Security services   Networks


PCs: The Standard Desktop PC is a hardware component
which hosts the standard operating system environment and
user applications. The standard desktop is a “business class”
personal computer, typically fixed at a designated location
within business offices and not intended to be used as a
portable device.




                                                                                                                page 11 of 11

				
DOCUMENT INFO
Description: Ict Security Project Proposal document sample