DS&P
Purposes
manage and support access to Client system
Document the Client requirements on data security and privacy
Describe the types of Client data
Describe the environments to which IBM team has access
References
List the project document
Procedure for access to production environments
Welcome Package
Quality plan
Contract with the Client
Data Security Plan
DS&P risk management
Contract negociations
composition of the team
changes to the contract
Client special DS&P requirements
PI
Personal Information
SPI
Sensitive Personal Information
BSI
Business Sensitive Information
Workplace security
Administration and Control of Accesses to client environments for IBM team
Data security techniques
On developments and tests environments
On production environment
For all environments
Storage and suppression of Client data
Data encryption Not applicable
Data encryption Not applicable
Portable media data protection
Portable media data protection
Separation of duties SOD (Separation of Duties)
Management Review