TCI EA Reference Diagram

Uploaded by

humberto

Business Operation Support Services (BOSS)
Information Technology Operations & Support (ITOS)
Technology Solution Services (TSS)
Security and Risk Management
Compliance IT Operation Governance Risk & Compliance
Presentation Services
Audit Planning Contract Authority Maintenance Disaster Recovery Plan Compliance Management Policy Management

Independent Audits Third-Party Audits


Plan Management Test Management Presentation Modality Presentation Platform Vendor Management
Exceptions Self-Assessment

Consumer Service Platform End-Points


Info. System Regulatory IT Governance
Internal Audits Mapping Audit Management IT Risk Management Technical Awareness & Training
Social Media Collaboration Search E-Readers E-mail Mobile Devices Portable Devices Fixed Devices
Architecture & Governance Standards & Guidance Mobile Device
Intellectual Property Protection Management
Enterprise Service Platform
Medical Devices InfoSec Management
Resource Management
Desk Top Risk Portfolio Residual Risk
Operational Risk Management B2E B2M B2B B2C P2P Smart Appliances Capability Mapping Maturity Model Management Risk Dashboard Management
Segregation of Duties Contractors
Company Owned Third-Party Public Kiosk
Operational Risk Committee Crisis Management Secure Sandbox
Privilege Management Infrastructure
PMO
Business Impact Analysis Key Risk Indicator Speech Recognition (IVR) Identity Management
Program Management Project Management Remediation
Business Continuity
Handwriting (ICR)
Domain Unique Identifier Federated IDM Identity Provisioning Attribute Provisioning

Planning Testing Portfolio Management


Application Services Authentication Services
Maturity Model Roadmap Strategy Alignment
Risk Based Multi Factor
Risk Management Framework SAML Token OTP Smart Card
Authentication Authentication
Programming Interfaces Security Knowledge Lifecycle Development Process
Business Assessment Technical Assessment Network
Service Delivery Input Validation
Security Design Security Application Code Samples Attack Patterns Self-Service
Password Management Biometrics
Authentication
Single Sign On
Pattern Framework
Service Level Management Middleware Out of the Box (OTB)
Independent Risk Management Security Code Review Application Vulnerability Scanning Stress and Volume Testing WS-Security Identity Verification
Authentication Authentication
Objectives Internal SLAs OLAs Integration Middleware
Authorization Services
Human Resources Security Software Quality Assurance
External SLAs Vector Management Service Dashboard Connectivity & Delivery Abstraction Entitlement Review Policy Enforcement Policy Definition Policy Management
Principal Data
Management
Employee Termination Employment Agreements
Information Technology Resiliency Resource Data Out of the Box (OTB)
Background Screening Job Description
Information Services Management
XACML Obligation
Authorization
Availability
Resiliency Analysis Capacity Planning
Management
Privilege Usage Management
Roles and Responsibilities Employee Awareness Service Delivery Data Governance
Application Performance Monitoring Keystroke / Session Privilege Usage Hypervisor Compliance
Password Vaulting Resource Protection
Employee Code of Conduct Service Catalog SLAs OLAs Contracts Recovery Plans Risk Assessments Non-production Data Information Leakage Data Segregation
Logging Gateway and Governance
Metadata
Asset Management
Operational
Data Governance
Service Costing
Budgeting Reporting Services BOSS Threat & Vulnerability Management
Investment Compliance Testing
Data Owner/ Stewardship Data Classification Charge Back Dashboards Data Mining Business Intelligence Reporting Tools Risk Assessments Data Classification Process Ownership
Budgeting
Databases (DBs) Servers Networks
HR Data (Employees &
Handling/Labeling/Security Secure Disposal of Data Audit Findings Contractors) Business Strategy
Service Support ITOS
Rules for Information Leakage Vulnerability Management
Clear Desk Policy Preventions
Configuration Management PMO Strategy Road map Risk Management
Application Infrastructure DB
Rules for Data Retention Software
Capacity Building Physical Inventory Problem Management Incident Management CMDB GRC RA BIA
Management
Automated Asset Configuration Penetration Testing Threat Management
DR & BC Plans VRA TVM (Threat Vulnerability
Security Monitoring Services Discovery Management Knowledge Management Service Management Change Management Management)
Internal External Source Code Scanning Risk Taxonomy

SIEM Platform Event Mining Knowledge Management


Service Support User Directory Service
Application
Database Monitoring
Monitoring
Best Practices Trend Analysis Benchmarking
Configuration Rules (Metadata) Service Events Configuration Active Directory
Registry Services LDAP Repositories Location Services X.500 Repositories Infrastructure Protection Services
Management Database Services
Security Job Aids Security FAQ Server
Honey Pot End Point Monitoring
Knowledge Repository Change Logs Federated Services DBMS Repositories Virtual Directory Services Meta Directory Services
Sensitive File
Behavioral Malware Prevention White Listing
Protection
Event Correlation Cloud Monitoring Change Management
Market Threat Change Review Security Monitoring HIPS / HIDS Anti-Virus Host Firewall
E-mailing Journaling Service Provisioning Approval Workflow
Intelligence Board
Session Events Authorization Events Authentication Events Application Events Network Events Computer Events Privilege Usage Events eDiscovery Events
Planned Changes Endpoint
Counter Threat Management SOC Portal
DLP Events NIPS Events Compliance Monitoring CRLs ACLs Database Events HIDS-HIPS Transformation Services Anti-Virus, Anti-Spam, Hardware-Based
Project Changes Operational Changes HIPS / HIDS Host Firewall Media Lockdown
Anti-Malware Trusted Assets
Managed Security Services Knowledge Base
Behavioral Malware
Inventory Control Content Filtering Forensic Tools White Listing
Emergency Changes Prevention
Branding Protection Anti-Phishing
Infrastructure Services
Real-time internetwork defense User Behavior and Profile Network
(SCAP) Patterns Incident Management
Security Incident Internal Infrastructure Virtual Infrastructure Behavioral Malware
Prevention
Firewall Content Filtering DPI
Automated Ticketing Self-Service
Response
Legal Services Facility Security Desktop “Client” Virtualization Application Virtualization
NIPS / NIDS Wireless Protection
Link Layer Network
Black Listing Filtering
Cross Cloud Security Security
Ticketing Controlled Physical Access Client Application Server Application
Incident Response Local
Contracts E-Discovery Streaming Streaming
Barriers Electronic Surveillance Security Patrols Physical Authentication Remote Application
Problem Management
Incident Response Legal Preparation Virtual Workspaces XML Appliance Secure Messaging Application Firewall Secure Collaboration Real Time Filtering
Asset Handling Session-based VM-Based (VDI)
Event Classification Root Cause Analysis Trend Analysis
Vertical Isolation
Internal Investigation Orphan Incident
Data Storage Hardware
Problem Resolution
Management
Server Virtualization Data Protection
Forensic Analysis E-mail Journaling Environmental Risk Management
Release Management Virtual Machines (Host Based) Data Life Cycle Management
Physical Security Equipment Location Power Redundancy
Full Paravirtualization Hardware-assisted eSignature
Scheduling Testing Build Meta Data Control Data De-Identification Life Cycle Management
(Unstructured Data)

Source Code Availability Services Data Masking Data Obscuring Data Tagging Data Seeding
Version Control OS Virtualization TPM Virtualization Virtual Memory
Management
Patch Management Servers
Data Loss Prevention
Storage Virtualization
Compliance Monitoring Service Discovery Secure Build Image Management
Block-Based Virtualization Data Discovery Network (Data in Transit) Endpoint (Data in Use) Server (Data at Rest)
Enterprise Architecture / Trusted Cloud Initiative Reference Mapping Classifications Host-Based
Equipment Maintenance
LDM LVM LUN Intellectual Property Protection
Key Domain Network Services
Intellectual Property Digital Rights Management
Network Segmentation Authoritative Time Source Storage-Device Based

Cryptographic Services
Solution Domains Storage Services
Network-Based
Key Management
PKI
Appliance Switched
Symmetric Keys Asymmetric Keys
Domains Signature Services
Lead Authors: Jon-Michael C. Brook, Michael Roza
Contributors: Shawn Harris, Sunil Shanthi, Michael Theriault, Rolando Marcelo Vallejos, Ashish Vashishtha, Suri Venkat, Henry Werchan
CSA Team: Sean Heide, Jim Reavis, AnnMarie Ulskey (Design), John Yeoh
Component Groups File-Based Virtualization Data-in-Transit Encryption (Transitory, Fixed) Data-at-Rest Encryption (DB, File, SAN, Desktop, Mobile)
Data-in-Use Encryption (Memory)
Component Sub-Groups
Containers
Network Virtualization
Network Address Space
Policies & Standards
IPv4 IPv6 Operational Security Information Security
Baselines Job Aid Guidelines Role Based Awareness Policies

External (VLAN) Internal (VNIC) Best Practices & Regulatory


Technical Security Standards Data / Asset Classification Correlation
Database Virtualization Mobile Device Virtualization Smartcard Virtualization
© 2021 Cloud Security Alliance – All Rights Reserved. You may download, store, display on your computer, view, print, and link to the Cloud Security Alliance at https://cloudsecurityalliance.org subject to the following: (a) the draft may be used solely for your personal, informational, non-commercial use; (b) the draft may not be modified or altered in any way; (c) the draft may not be redistributed; and (d) the trademark, copyright or other notices may not be removed. You may quote portions of the draft as permitted by the Fair Use provisions of the United States Copyright Act, provided that you attribute the portions to the Cloud Security Alliance.
