8.16.1 Introduction
1. Objectives
2. Methods
3. Conclusions
FIGURE 8.27 Acceptance test certificate
Acceptance Certificate
Project name
Acceptance test
speci?¬?cation
reference No
Issue: Date:
Accepted item
description
Accepted item
identity
Version/issue
Concessions
Originator??™s name Acceptance test dates
Originator??™s Signature
This certi?¬?es that the items de?¬?ned above meet the Acceptance test speci?¬?cation
Authorized on behalf of the customer
Test Documents 159
4. Scope and limitations
5. Assumptions
6. Historical factors
7. Difficulties encountered
8. Constraints
9. Information for those conducting future risk analyses
10. Documentation used
8.16.2 The Environment
1. Building details
2. Room details
3. Physical access control methods
a. Fingerprints
b. Eyeprints
c. Cards
d. Keys
e. Codes
4. External cabling security
5. Network topology
6. Machine specifications
7. Firewall details
8. Router details
9. Security software on all hardware
10. Operating systems used
11. Policies
a. Security applied
b. Password control
c User and group profiles
d. Authorization control
e. Configuration management
f. Archiving
g. Production software security
h. Telephone, cell phone, and fax
i. Video
j. Wifi
k. Internet
l. Audit access
8.16.3 The Risks Section
1. The information assets at risk
2. The threats and vulnerabilities considered
3. The risks, the probabilities of occurrence, and the value loss
4.
Pages:
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345