What you get:
BMC will perform the following for one IMS database instance:
- Conduct interviews with key Customer staff including:
- Security engineering
- Security administration
- Systems programming team
- Customer technical management
- Conduct assessment of IMS covering:
- Review of security controls in ESM including the defined resources and profiles as well as the access granted
- Review of security related configuration settings including definitions contained within the sequential, PDS datasets, or instream
- Analyze data to identify vulnerabilities
- Create draft Security Assessment Report
- Create the Remediation Effort Indicator document detailing issues and risks identified during the security assessment.
- Finalize Security Assessment Report
- Provide encrypted deliverables to Customer
Customer will be responsible for:
- Providing access to key Customer staff for interviews
- Providing remote access to the customer mainframe via Virtual Private Network (VPN) or Virtual Desktop Interface (VDI)
- Reviewing the draft deliverables
- Providing feedback within a timely manner
Deliverables: Using BMC’s standard methodology and templates, the following Deliverables are in scope for this project and will be delivered:
- Security Assessment Report
- Remediation Effort Indicators
Completion Criteria: BMC will have completed these Consulting Services when the in-scope Consulting Services have been completed and the Deliverables have been delivered to the Customer Project Manager.
