The LSST cybersecurity program consists of four top level policies, a subsystem specific plan for each technical subsystem, and cybersecurity risk spreadsheets for each subsystem. The program is to be reviewed annually and amended appropriately (see Baseline Project Information Security Program). For the renewal, each subsystem manager must review their respective subsystem plan and risk assessment spreadsheet using Docushare.
We are in the process of doing the 2016 update to the Data Management Information Security Plan (LDM-324) and Risk Sheet (LDM-325). A confluence page has been set up with links to the appropriate documents:
Please review the LDM documents and suggest edits/updates as necessary. If you wish, edit a copy of the word and excel files with revision tracking on and send to Jeff Kantor