Controlling Messaging Services - Acquistions and Implementation
When it comes to governing messaging services, the acquitision and implementation phases come after the planning and organizing. The control objective at this point is ensuring an appropriate solution is selected, that is one that meets the functional requirements and at the same time fits into the existing technology infrastrucutre. This isn't always as easy as it sounds.
For starters, you will need a set of requirments for what is expected of a messaging system. How many users will be supported? What volume of traffic is expected? What are the availability requirments? How averse to risk is management? How will it work with existing access control/identity management systems? What other security requiements exist? Are crypto services required? Will it integarate with a PKI? How will digital signatures be managed? And on and on and on ...
The next step is map the requirements into a design specification and implement the solution in a test environment. This may seem the obvious next step from the perspective of a seasoned developer or system admin, but concepts like code promotion through distinct development, test and production envioronments and formal release management procedures are suprisingly new to some organizations.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
