Scribd
Upload
116 views31 pages

QC Upload Template v1.5

This document provides guidance on using a template for uploading test cases and feedback points from pilot or review sessions. It explains how to enter information for test cases with multiple steps and feedback points. It notes that all fields are required and to contact the CSP TMO if dropdown values are missing.

Uploaded by

gkgvenu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
116 views31 pages

QC Upload Template v1.5

This document provides guidance on using a template for uploading test cases and feedback points from pilot or review sessions. It explains how to enter information for test cases with multiple steps and feedback points. It notes that all fields are required and to contact the CSP TMO if dropdown values are missing.

Uploaded by

gkgvenu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 31

Guide to using this template:

This template is owned by the CSP TMO.


If you have any questions about this template, or have any ammendments that
need to be made, please contact the CSP TMO. Comments have been added to
headings to facilitate the use of this template.

Uploading tests with multiple test steps:

Enter information into all cells that share the same row as the first test step.
For subsequent rows of the same test, but where there are multiple test steps,
leave cells blank, except for:

Test Step Name


Test Step Description
Expected Result of Test Step

Example:
Test ID Test Description
EPO_CA_001 Test that…

EPO_CA_002 Test that…

Uploading Feedback points from a non-technical Pilot or Review session

Every field is compulsorary. If one column contains the same value for each
feedback point, fill this out for every feedback point.
If the dropdown values for 'CSP Project' or 'Module' are not present, contact the
CSP TMO

# Classification: Internal
Priority Test Step Name Test Step Description
P1 - Urgent Step 1: xxx xxx
Step 2: xxx xxx
Step 3: xxx xxx
P2 - High Step 1: xxx xxx

# Classification: Internal
Expected Result of Test Step Type Subject
xxx MANUAL HTC\FI\EPO
xxx
xxx
xxx MANUAL HTC\FI\EPO

# Classification: Internal
PR-ID Designer
PR-1234 ABC-123

PR-1234 ABC-123

# Classification: Internal
Test Name Test Description Priority Module

# Classification: Internal
Test Step Test Step Description

# Classification: Internal
Expected Result of Test Step Subject Designer CSP Project

# Classification: Internal
# Classification: Internal
# Classification: Internal
Ticket Type

Feedback from Review

Feedback from Review

# Classification: Internal
Summary

The 'DISP access' column in the stakeholders list is to be removed

Nick Lloyd should replace Maarten Van Hees on the stakeholder list

# Classification: Internal
Description
Against the list of stakeholders, a separate column denotes whether they have access to the Deloitte
Intelligence Sharing Platform. As this is a specialist platform, it was deemed unnecessary and should be
removed to improve the clarity of information displayed in the table.

Having now come into post, as Head of Cyber Security Plans & Engagement, Nick Lloyd should be entered
in the stakeholder list to replace Maarten Van Hees.

# Classification: Internal
Severity Priority Detected on Date Business stakeholder (email)
E4 - Trivial P4 - Low 5/14/2019 [email protected]

E4 - Trivial P4 - Low 5/14/2019 [email protected]

# Classification: Internal
Assigned To Regression Issue? CSP Project Work Product
RHA204 No Developed SOC CSO - Threat Intelligence SOP

RHA204 No Developed SOC CSO - Threat Intelligence SOP

# Classification: Internal
CSP Initiative CSP Workstream CSP PR-ID Triaged Assigned Team Detected in Cycle

# Classification: Internal
Detected in Test Phase Detected in Release Status

# Classification: Internal
# Classification: Internal
# Classification: Internal
# Classification: Internal
# Classification: Internal
CSP Project
AD Fast-Track Remediation
AD Process Improvement
AD Sustain
Application Remediation
Configuration Compliance
Developed SOC
End Point EPO Replacement
Endpoint Technology - Trend - W10
GRC Technology Enablement (Tooling)
GRC Compliance
GRC Governance
GRC Risk
Network Threat Detection and Protection
Resilience Business Continuity
Risk 343 - PAWS
Risk 73 - Algosec
SecOps Governance & Administration
SecOps Technology
Secure by Design
Security Organisation
CommVault Testing
Azure BCA Readiness
GRC Policies, Standards and Controls
Asset Lifecycle Management
Business Critical Assets
Citrix Posture Checking
CSP Outcomes
CSP Reporting Solution Phase 1
CSP Reporting Tool Phase 2
Cyber Recovery
Database Pattern Uplif
DDIT
Disaster Recovery Governance
Engine Room (Critical Infra & Cloud)
Firewall Security Control Enhancements
IaaS Gap Analysis (IBM)
Infrastructure Patch Management
Knowledge Management
Network Visibility Capability
Network Visibility Capabilty
Networks
PAM Architecture and Design
PAM Enterprise Platform
PAM Fast-Track
PAM Recertification
PAM Remediation Factory
PAM Target Operating Model

# Classification: Internal
Remote Access
Resilience
Secure Configuration Management
Terminals Cyber Incident Response & Recovery
TMO Demo
Uplif of Management Services
Vessels Cyber Incident Response & Recovery
VTW Architectures and Baseline
VTW Framework
VTW Response & Recovery
VTW Training & Awareness
Warehouse Cyber Incident Response & Recovery

# Classification: Internal
CSP Initiative CSP Workstream
Engine Room Protect
Engine Room Protect
Engine Room Protect
ARM Protect
Engine Room Protect
CSO Detect, Respond and Recover
Engine Room Protect
Engine Room Protect
Organisation Identify and Organisation
Organisation Identify and Organisation
Organisation Identify and Organisation
Organisation Identify and Organisation
Networks and Firewalls Protect
Resilience Detect, Respond and Recover
Sprints Sprints
Sprints Sprints
CSO Detect, Respond and Recover
CSO Detect, Respond and Recover
Organisation Identify and Organisation
CSO Detect, Respond and Recover
Engine Room Protect
Engine Room Protect
Organisation Identify and Organisation
App Remediation BAU
Assets & Knowledge TMO Demo
BAU Workstream - CSP Outcomes
Cyber Security Operations
Engine Room - FI - AD
Engine Room - FI - Endpoint
Engine Room - FI-DDIT
Engine Room - Identity & Access Management
Engine Room - Platform
Initiative - CSP Outcomes
Resilience, Recovery & Continuity
Secure By Design (SBD)
Sprints
TMO Demo

# Classification: Internal
CSP PR-ID Type
PR-4700 MANUAL
PR-4445
PR-4701
PR-4592
PR-4675
PR-4973
PR-4507
PR-4615
PR-4441
PR-4439
PR-4436
PR-4509
PR-4681
PR-4965
SC-0257
SC-0257
PR-4972
PR-4974
PR-4457
PR-4443
PR-4695
PR-4711
PR-4440
PR-0000
PR-4425
PR-4427
PR-4428
PR-4430
PR-4433
PR-4447
PR-4451
PR-4452
PR-4454
PR-4461
PR-4462
PR-4464
PR-4465
PR-4505
PR-4589
PR-4634
PR-4672
PR-4674
PR-4678
PR-4679
PR-4680
PR-4682
PR-5000

# Classification: Internal
PR-5006
PR-Demo
PR-Sprints
TBC

# Classification: Internal
Module
AD - Account Analysis
AD - Account Remediation
AD - Account Security
AD - Admin Framework
AD - Audit Policy
AD - Backup & Recovery
AD - DC Remediation
AD - Password Policy
AD - Policy
AD - Privilege Account
AD - Process
AD - Service Account
AD - Stale Account
AD - Stale Password
AD - UAC
BC - Target Operating Model
BIA - Classification
BIA - Dependency Analysis
BIA - Identification
BIA - Outage Planning
CommVault - CommServe
CommVault - DB
CommVault - MediaAgent
CommVault - VM
CSO - CSIRT Aide Memoires
CSO - Foundational SOC material revised
CSO - Master Threat Model
CSO - PM Log onboarding process
CSO - PM SOP v1
CSO - Policy Compliance SOP
CSO - Scan, Patch & non-compliance reporting templates
CSO - SOAR Framework
CSO - SOP 1
CSO - SOP 2
CSO - SOP 3
CSO - SOP 4
CSO - Threat Hunting SOP 1
CSO - Threat Hunting SOP 2
CSO - Threat Intelligence SOP
CSO - TI Options Paper
CSO - TI weekly report
CSO - Vulnerability Analysis Sop
DR - Application Technical Recovery Plan
EPO CyberArk
EPO Domain Controllers
EPO PKI
EPO Trend DSM

# Classification: Internal
EPP - Administration Process
EPP - Configuration
EPP - Deployment Process
EPP - Device Performance Baseline
EPP - Network Capacity Baseline
EPP - Policy
EPP - Process
EPP - Rollback Process
EPP - Trend Performance Baseline
GRC - Access Management Policy
GRC - Asset & Information Management Policy
GRC - Asset Identification & Inventory Management Standard
GRC - Awareness & Training Standard
GRC - Change Control & Maintenance Standard
GRC - Cyber Security Policy
GRC - Cyber Security Policy and Standards Blueprint
GRC - Cyber Security Policy and Standards Implementation Plan
GRC - Cyber Security Policy and Standards Playbook
GRC - Data Protection & Encryption Standard
GRC - Disaster Recovery Standard
GRC - Governance Standard
GRC - Identity & Access Management Standard
GRC - Incident Response Standard
GRC - Information System Hardening Standard
GRC - Network Security Policy
GRC - Resilience & Recovery Policy
GRC - Security Incident Management Policy
GRC - Security Monitoring Standard
GRC - Supply Chain Management Standard
GRC - Supply Chain Security Policy
GRC - Systems & Applications Security Policy
GRC - Threat & Vulnerability Management Policy
IPS - Performance
IPS - Policy
IPS - Process
IPS - Validate BCA
MM&R - Collection Layer
MM&R - Processing Layer
MM&R - Transformation Layer
PAWS - Connectivity and Access
PAWS - E2E build
PAWS - Maintenance
Resilience - BC Plans
Resilience - Op Model
Resilience CIM
Sprints
TMO Demo
AD - Detect Response & Recovery

# Classification: Internal
AD - Password Protection
EPP - End Point Protection
EPP - Performance Baseline
EPP - RBAC
EPP - Security Baseline
EPP - Validate BCA
ARM-(CRM) tool
ARM-(DOCMAN)
ARM-AFLS Cargo+Price
ARM-AMPS
ARM-Asygateway - EDI (JOC)
ARM-Carrier Booking
ARM-Case Management
ARM-Damco Axway - EDI
ARM-Draywatch
ARM-EDI (Damco)
ARM-EDI Gateway
ARM-EDI GW DDSI
ARM-GLEO3
ARM-Hazcheck
ARM-High Jump
ARM-ILSE Warehousing and Distribution (WND)
ARM-INTTRA
ARM-Macy's Merchandising Group (MMG) First Sale (FS)
ARM-MARS
ARM-MEPC
ARM-MyFinance
ARM-MYTRUCK
ARM-Onestream
ARM-Online Quote
ARM-RCM-EC
ARM-SAP Business Objects XI 4.2 (SAP BI) Platform
ARM-SAP Financial
ARM-SAP HCM
ARM-SCP
ARM-Seeburger
ARM-Self Service Instant Booking
ARM-SFX - DocPouch
ARM-Shipper
ARM-SOA ESB
ARM-SSP
ARM-USI (Unified Security Infrastructure)
CC-POC-Win2016Core
CSP Outcomes
Cyber - SOP1
Action Tracking SOP
Assurance Mapping SOP
Fieldwork SOP

# Classification: Internal
Preparation SOP
Regulatory Dashboards
Regulatory Playbook
Reporting SOP
GRC Tooling - Access Control
GRC Tooling - AD
GRC Tooling - Authoritative Sources
GRC Tooling - Business Hierarchy
GRC Tooling - Control Procedure
GRC Tooling - Controls Assurance
GRC Tooling - Controls Framework
GRC Tooling - CRL
GRC Tooling - CyberArk
GRC Tooling - Governance
GRC Tooling - Information Assets
GRC Tooling - Libraries and Data Sources
GRC Tooling - Policy
GRC Tooling - Reporting
GRC Tooling - Risk Management
GRC Tooling - Risk Treatment
GRC Tooling - Standard
IDS - Policy
CIM - Handbook
CIM - Plan
CIM - Policy
CIM - Toolkit
AlgoSec
MM&R - SNOW
MM&R - Visualisation Layer

# Classification: Internal
Defect Type Severity Priority
Feedback from Pilot E1 - Critical P1 - Urgent
Feedback from Review E2 - Major P2 - High
E3 - Minor P3 - Normal
E4 - Trivial P4 - Low

# Classification: Internal
Detected in Test Phase YesNoList
Document Review Yes
Non-technical Pilot No

# Classification: Internal

You might also like