PROJECTSUMMIT*BUSINESSANALYSTWORLD, NOVEMBER 7-9, 2022
WASHINGTON, DC • THE WESTIN ARLINGTON GATEWAY
Aren’t you glad you weren’t the reason customer data was lost?! Well, maybe you are. If security isn’t built into your systems from the beginning, it is very difficult to add it later. You owe it to your customers and employees to learn the security landscape and how to elicit, document and enforce security in your solutions. Learn how you as the BA or project leader can ensure that your solution isn’t vulnerable.
This session will be led by Hans Eckman whose team had delivery responsibility for Client Authentication and Security, Governance, Risk Management, Compliance/Information Security, and Internal Identity Access Management for SunTrust’s Technology Risk and Compliance teams. Through SunTrust’s BA Center of Excellence, Hans helped establish reusable non-functional requirements and review processes including application security and records retention. The session is an industry and company-agnostic look at information security from a project resource viewpoint.
Learning Objectives
- Learn the security basics and terminology: Authentication vs Authorization, entitlements, encryption, records retention, challenge vs adaptive, and security vs fraud.
- Learn how to use functional requirements, non-functional requirements, and business rules to integrate your security teams into your projects and solutions.
- Learn how to build reusable requirements assets to provide continuity between applications, shorten requirements cycles and reduce missed requirements.
- Learn who to engage and when for elicitation and validation.
Example presentation:
