From 3531a624199c4a6600f04eedbb63ca43e273d0ff Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 11:43:52 +0100 Subject: [PATCH 01/11] :memo: Added deployment management section. Co-authored-by: Jim Madge Co-authored-by: Hari Sood Co-authored-by: Matt Craddock --- docs/source/standard.md | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 2553c86b..7cdc67f5 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -203,17 +203,35 @@ The ability of the TRE organisation to administer and secure network infrastruct The ability of the TRE organisation to manage necessary physical or virtual infrastructure. -| Statement | Guidance | -| --------- | -------- | -| | | - #### 2.4.1 Deployment management -The ability of the TRE organisation to instantiate, deploy, change or remove deployed infrastructure. - -| Statement | Guidance | -| --------- | -------- | -| | | +_The ability of the TRE organisation to instantiate, deploy, change or remove deployed infrastructure._ + +```{list-table} +:header-rows: 1 +:name: tab-deployment-management +* - Statement + - Guidance + - Mandatory status +* - You must have a documented procedure for deploying infrastructure. + - This might, for instance, be a handbook that is followed or a set of automated scripts. + - Mandatory +* - Where possible, you should automate any repeatable aspects of your deployment. + - This might involve using infrastructure-as-code tools or simply a series of scripts. + - Recommended +* - You must test changes before they are used in production. + - This might involve a separate development environment or another system for testing. + - Mandatory +* - You could test changes in a development environment that mirrors your production system. + - Consider the costs and practicality of whether this will work for your situation. + - Optional +* - You must have a documented procedure for making changes to deployed infrastructure. + - This refers both to changes that might be expected in the course of normal operation and emergency changes that might be needed. + - Mandatory +* - You must have a documented procedure for removing infrastructure when it is no longer needed + - + - Mandatory +``` #### 2.4.2 Capacity management From b4630e177b4a0537c1d99305728d2600fc346786 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 12:05:31 +0100 Subject: [PATCH 02/11] :memo: Added capacity management section. Co-authored-by: Jim Madge Co-authored-by: Hari Sood Co-authored-by: Matt Craddock --- docs/source/standard.md | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 7cdc67f5..7d7e896a 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -235,11 +235,28 @@ _The ability of the TRE organisation to instantiate, deploy, change or remove de #### 2.4.2 Capacity management -The ability of the TRE organisation to ensure the right amount of resources are available at the right time to provide a service. +_The ability of the TRE organisation to ensure the right amount of resources are available at the right time to provide a service._ -| Statement | Guidance | -| --------- | -------- | -| | | +```{list-table} +:header-rows: 1 +:name: tab-capacity-management +* - You must ensure that all projects understand what resources are available and what the associated costs will be before the project starts. + - For on-premises systems this might be related to the available hardware, for cloud-based systems there might be limits on how many instances of a particular resource (_e.g._ GPUs) can be used. Projects should use this information to understand whether the available resources will be sufficient for their requirements. + - Mandatory +* - You should ensure that the anticipated needs of projects can be satisfied using available resources. + - Note that this does not require you to accept requests for additional resources, but rather that promises made about resource availability before a project starts should be honoured wherever possible. + - Recommended +* - You must ensure that sufficient budget is available to support the anticipated need for resources. + - For cloud-based TREs this may involve budgeting and/or restricting resource consumption on a project-by-project basis. + For on-premises TREs this may involve managing expectations to match the available resource. + - Mandatory +* - You must have a procedure for increasing/decreasing available resources. + - For cloud-base TREs this may involve scaling resource attributes or deploying additional resources. + - For on-premises TREs this may involve a procurement process to ensure that necessary resources are available. +* - You must have a procedure to decide when to change capacity. + - Not all requests for capacity increase must necessarily be granted, but having a clear process will help projects understand when/why/how they can make use of additional capacity. + - Mandatory +``` #### 2.4.3 Configuration management From c278fc179955351e73372a0dd613d1af4a4b4f57 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 12:11:36 +0100 Subject: [PATCH 03/11] :memo: Added configuration management section. Co-authored-by: Jim Madge Co-authored-by: Hari Sood Co-authored-by: Matt Craddock --- docs/source/standard.md | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 7d7e896a..9a95695a 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -260,11 +260,27 @@ _The ability of the TRE organisation to ensure the right amount of resources are #### 2.4.3 Configuration management -The ability of the TRE organisation to identify, maintain, and verify information on IT assets and configurations in the TRE organisation. +_The ability of the TRE organisation to identify, maintain, and verify information on IT assets and configurations in the TRE organisation._ -| Statement | Guidance | -| --------- | -------- | -| | | +```{list-table} +:header-rows: 1 +:name: tab-configuration-management +* - You must have a documented procedure for configuring infrastructure. + - This might, for instance, be a handbook that is followed or a set of automated scripts. + - Mandatory +* - You should use configuration management tools to automate application of your configuration wherever possible. + - This might involve configuration-as-code tools such as Ansible, Chef, Puppet or Windows Desired State Configuration or simply automated scripts. + - Recommended +* - You should be able to verify whether the configuration is valid. + - This might, for instance, involve running your configuration management tool in 'check' mode. + - Recommended +* - You should, if possible, regularly verify your TRE configuration. + - This will limit the amount of time the TRE can spend in a non-compliant state. + - Mandatory +* - You must be able to replace a non-compliant TRE with a compliant system. + - This might involve reconfiguring a running system or by replacing it with a compliant one. + - Mandatory +``` ### 2.5 Availability management From 54c280574512787b0673cbc59b3ca0ff5e6a134a Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 12:16:31 +0100 Subject: [PATCH 04/11] :memo: Added availability management section. Co-authored-by: Jim Madge Co-authored-by: Hari Sood Co-authored-by: Matt Craddock --- docs/source/standard.md | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 9a95695a..afc84643 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -284,11 +284,19 @@ _The ability of the TRE organisation to identify, maintain, and verify informati ### 2.5 Availability management -The ability of the TRE organisation to ensure all IT infrastructure, processes, tools, roles etc are appropriate for the agreed availability targets. +_The ability of the TRE organisation to ensure all IT infrastructure, processes, tools, roles etc are appropriate for the agreed availability targets._ -| Statement | Guidance | -| --------- | -------- | -| | | +```{list-table} +:header-rows: 1 +:name: tab-availability-management +* - You should understand the availability and uptime guarantees of any providers that you rely on. + - For remote TREs this might include your cloud provider(s) and/or data centre operators. + For on-premises TREs, it might be worth considering your ISP and electricity provider. + - Recommended +* - You should develop an availability target or statement and share this with your users. + - Understanding how and when the TRE might be unavailable will help your projects in planning their work. + - Recommended +``` (standard_capability_data_management)= From 6915ca8655646ee961f04a51da3a303f4316796b Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 14:56:54 +0100 Subject: [PATCH 05/11] :bug: Add missing table headers --- docs/source/standard.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/source/standard.md b/docs/source/standard.md index afc84643..3bc71b04 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -240,6 +240,9 @@ _The ability of the TRE organisation to ensure the right amount of resources are ```{list-table} :header-rows: 1 :name: tab-capacity-management +* - Statement + - Guidance + - Mandatory status * - You must ensure that all projects understand what resources are available and what the associated costs will be before the project starts. - For on-premises systems this might be related to the available hardware, for cloud-based systems there might be limits on how many instances of a particular resource (_e.g._ GPUs) can be used. Projects should use this information to understand whether the available resources will be sufficient for their requirements. - Mandatory @@ -265,6 +268,9 @@ _The ability of the TRE organisation to identify, maintain, and verify informati ```{list-table} :header-rows: 1 :name: tab-configuration-management +* - Statement + - Guidance + - Mandatory status * - You must have a documented procedure for configuring infrastructure. - This might, for instance, be a handbook that is followed or a set of automated scripts. - Mandatory @@ -289,6 +295,9 @@ _The ability of the TRE organisation to ensure all IT infrastructure, processes, ```{list-table} :header-rows: 1 :name: tab-availability-management +* - Statement + - Guidance + - Mandatory status * - You should understand the availability and uptime guarantees of any providers that you rely on. - For remote TREs this might include your cloud provider(s) and/or data centre operators. For on-premises TREs, it might be worth considering your ISP and electricity provider. From 5a002420b19917e9a2355466d3f0ca8ecce8a876 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 14:59:08 +0100 Subject: [PATCH 06/11] :truck: Move change making point --- docs/source/standard.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 3bc71b04..79c0e0c1 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -219,15 +219,15 @@ _The ability of the TRE organisation to instantiate, deploy, change or remove de * - Where possible, you should automate any repeatable aspects of your deployment. - This might involve using infrastructure-as-code tools or simply a series of scripts. - Recommended +* - You must have a documented procedure for making changes to deployed infrastructure. + - This refers both to changes that might be expected in the course of normal operation and emergency changes that might be needed. + - Mandatory * - You must test changes before they are used in production. - This might involve a separate development environment or another system for testing. - Mandatory * - You could test changes in a development environment that mirrors your production system. - Consider the costs and practicality of whether this will work for your situation. - Optional -* - You must have a documented procedure for making changes to deployed infrastructure. - - This refers both to changes that might be expected in the course of normal operation and emergency changes that might be needed. - - Mandatory * - You must have a documented procedure for removing infrastructure when it is no longer needed - - Mandatory From f7fa7f01a5c82037a763a07bc5b32b6c5706a84a Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 15:00:44 +0100 Subject: [PATCH 07/11] :memo: Add reference to change management accreditation --- docs/source/standard.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/source/standard.md b/docs/source/standard.md index 79c0e0c1..2e9866c1 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -221,6 +221,7 @@ _The ability of the TRE organisation to instantiate, deploy, change or remove de - Recommended * - You must have a documented procedure for making changes to deployed infrastructure. - This refers both to changes that might be expected in the course of normal operation and emergency changes that might be needed. + Your change management process may form part of a wider accreditation such as ISO 27001. - Mandatory * - You must test changes before they are used in production. - This might involve a separate development environment or another system for testing. From f2cc74876c612b481a57a6742da9e13c3114eca9 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 15:34:51 +0100 Subject: [PATCH 08/11] :bug: Fixed column specification --- docs/source/standard.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 2e9866c1..f3e477ac 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -256,7 +256,8 @@ _The ability of the TRE organisation to ensure the right amount of resources are - Mandatory * - You must have a procedure for increasing/decreasing available resources. - For cloud-base TREs this may involve scaling resource attributes or deploying additional resources. - - For on-premises TREs this may involve a procurement process to ensure that necessary resources are available. + For on-premises TREs this may involve a procurement process to ensure that necessary resources are available. + - Mandatory * - You must have a procedure to decide when to change capacity. - Not all requests for capacity increase must necessarily be granted, but having a clear process will help projects understand when/why/how they can make use of additional capacity. - Mandatory From 93f564e86d03710e74e30ae220a4d877b7460ad5 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 15:36:22 +0100 Subject: [PATCH 09/11] :memo: Add guidance for removing infrastructure Co-authored-by: Jim Madge --- docs/source/standard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index f3e477ac..946d8a04 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -230,7 +230,7 @@ _The ability of the TRE organisation to instantiate, deploy, change or remove de - Consider the costs and practicality of whether this will work for your situation. - Optional * - You must have a documented procedure for removing infrastructure when it is no longer needed - - + - Removing unused infrastructure not only reduces costs and management burden but also reduces the attack surface of a TRE and reduces the risk of unaddressed vulnerabilities. - Mandatory ``` From 32f720ef6add118592aec1f3421e396204135728 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 15:39:48 +0100 Subject: [PATCH 10/11] :memo: Reworded budget item --- docs/source/standard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 946d8a04..7621c6d4 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -250,7 +250,7 @@ _The ability of the TRE organisation to ensure the right amount of resources are * - You should ensure that the anticipated needs of projects can be satisfied using available resources. - Note that this does not require you to accept requests for additional resources, but rather that promises made about resource availability before a project starts should be honoured wherever possible. - Recommended -* - You must ensure that sufficient budget is available to support the anticipated need for resources. +* - You must ensure that the anticipated resource requirements will not result in overspending by the TRE. - For cloud-based TREs this may involve budgeting and/or restricting resource consumption on a project-by-project basis. For on-premises TREs this may involve managing expectations to match the available resource. - Mandatory From 22239d2177198ae2a18f80d967177af6c3634605 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 7 Jun 2023 15:41:16 +0100 Subject: [PATCH 11/11] :recycle: Update wording about resource scaling --- docs/source/standard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/standard.md b/docs/source/standard.md index 7621c6d4..09e9665e 100644 --- a/docs/source/standard.md +++ b/docs/source/standard.md @@ -255,7 +255,7 @@ _The ability of the TRE organisation to ensure the right amount of resources are For on-premises TREs this may involve managing expectations to match the available resource. - Mandatory * - You must have a procedure for increasing/decreasing available resources. - - For cloud-base TREs this may involve scaling resource attributes or deploying additional resources. + - For cloud-based TREs this may involve scaling resources, such as virtual machines or databases, or deploying additional resources. For on-premises TREs this may involve a procurement process to ensure that necessary resources are available. - Mandatory * - You must have a procedure to decide when to change capacity.