The CEO liked your initial ideas about security models and workflows,” your boss tells you; “she knows it’s just a preliminary, rough set of concepts. She thinks we’re ready to take the next steps and start developing an implementation plan. Show her how we’d identify key functions, assign them to either existing positions or new ones we’d create, how the people doing those jobs report up chain for leadership and management, and how they relate to each other.”
Wow, you think. Now what?
“What did the CEO like?”, you ask yourself. Oh… she must have been referring to those notes you put together about CIANA, or CIANA+PS, and has heard about your conversations with your boss about taking a less bureaucratic, regulation-driven approach to Fleetwings’ information security operations.
And that swim lane or Work Flow chart that you did for the Incident Response… that was a good way of bringing up ideas and assumptions.
It’s time for a PLAYBOOK approach.
Playbooks and Work Flows
A Playbook is a collection of work flows. Its first “page” is a very high level listing or diagram of all of the major work flows that will be in the Playbook, sort of a Table of Contents.
Recalling from Module 2, a Work Flow takes functional groups of people and plots out the tasks that group performs — while showing how that group has to interact with other groups in doing so.
Assignment 2,4 produced your first Work Flow diagram. If you did this correctly, it showed teams, groups, or individuals doing different functions, such as “end users” or “help desk”, and how each took actions on their own as part of an incident detection and response cycle.
That correct work flow diagram is one page in your Playbook. On the other hand, if your Incident Response and Forensics diagram is not a proper work flow diagram, you will need to redo it before you put it into the playbook.
The tasks for this week:
(1) Identify at least five major work flows that Fleetwings will need to have in place to have an effective information security program. List these on the first page of your Playbook.
(2) Develop at least two of these into Work Flow diagrams
(3) Include your Incident Response diagram, corrected as necessary to reflect comments the boss gave you regarding it, as a third work flow
Feel free to start with rough notes and sketches. Brainstorm these out; add a fourth section to your Playbook and call it “Rough Concepts”, “Work in Progress,” or even just “Notes.” Capture questions along the way to flag ideas about things that you’ll want to investigate or look into later on.
Be as creative as you like.
One option might be to Animate and Narrate your work, as if you’re sitting across the Zoom screen from your boss and presenting, discussing, and going through ideas as you share your diagrams, charts, tables, and other renderings.
If you’re producing one file that contains everything, just attach that as your submission. If you’ve got lots of piece parts in different files, then please bundle everything up into a ZIP archive file, and submit that file. Be sure to have some kind of “read me” or “start here” in that archive, though, so that the boss knows where to look first.
Format and Mechanics
If you’ve already been using Visio, by all means, continue to do so!
If you’re not using Visio, you can do each diagram as a separate chart in Lucid Chart, or a separate slide in PowerPoint, and then put each diagram on a separate page.
Remember, you can make the page as big as you need to (or the font and shape sizes smaller) to make your swim lanes as rich and effective as you need to.