|
|
||||||||||||||||||
...
No opportunities for improvement were identified in the FY09 LBNL Performance Evaluation Report; however, we agreed that an important area for focus is cloud-security and policy. A cloud security working group has been formed, and drafts of guidance for researchers seeking to acquire cloud-based services are being prepared. A major paper on the security and policy implications of Google Apps use has been drafted and is being revised for circulation. A briefing for BSO is scheduled for Q2
Performance against each of the PEMP Notable Outcomes
Outcome: Review Incidents Quarterly and Determine whether they are within our acceptable risk envelope.
...
Conduct this review in Q3 or Q4.
Performance in meeting any contract requirements not specifically included in the PEMP, but that may positively or negatively affect Objective or Goal ratings. This should include results of independent assessments, self-assessments, etc.
No reviews are ongoing at this time. We expect reviews to be concentrated at the end of the performance period, conicident with activities related to the new ATO.
Areas of concern/risks.
At this time, we do not forsee any major concern areas; however, the theft of emails from Climate Researchers in the UK suggests that some of our researchers may be the target of directed, well-resourced attacks designed to diminish their credibility in the future. We continue to evaluate whether this development has implications for our acceptable risk envelope and if so, how we should respond.
...
