2015 to April 2016 Home Office
Application Development Information Security UK
At the UK Borders DSAB project there was a portfolio of projects being undertaken in the new cloud based technologies with an agenda to move towards the use of public cloud. My role was to support this approach to business improvement
I decided then to use the CESG / NCSC IS1 Risk assessment methodology as a universal risk tool across the DSAB estate of applications being rolled out across UK Borders.
I had previous experience of using this tool soon after its inception in 2007 as a method for a pan-enterprise risk assessment approach, enabling the prioritization of risk management across an enterprise
Result : This holistic approach was then used to produce risk assessments for individual parts of the project estate by changing the scope and rerunning the assessment tool as each part was progressed towards consent to operate by the Home Office accreditor.