Description:
The following actions/deliverables will be performed by the vendor TRA offering:
confirm with departmental sponsor TRA scope including obtaining detailed system design and architecture documentation (for instance, Enterprise Architecture Diagrams to physical degree of detail, Data Flow Diagrams, Use-Case Scenarios etc.);
plan and facilitate workshops with stakeholders to identify threats, vulnerabilities, and appropriate controls against digital service assets;
participate and contribute in other cybersecurity deliverables such as Vulnerability Assessments or Penetration Testing, as related to the department or NSH digital service or project;
submit and deliver a formal presentation of the TRA deliverable to the requesting Departmental or NSH service.