DS&P

Purposes

manage and support access to Client system

Document the Client requirements on data security and privacy

Describe the types of Client data

Describe the environments to which IBM team has access

References

List the project document

Procedure for access to production environments

Welcome Package

Quality plan

Contract with the Client

Data Security Plan

DS&P risk management

Contract negociations

composition of the team

changes to the contract

Client special DS&P requirements

PI
Personal Information

SPI
Sensitive Personal Information

BSI
Business Sensitive Information

Workplace security

Administration and Control of Accesses to client environments for IBM team

Data security techniques

On developments and tests environments

On production environment

For all environments

Storage and suppression of Client data

Data encryption Not applicable

Data encryption Not applicable

Portable media data protection

Portable media data protection

Separation of duties SOD (Separation of Duties)

Management Review