Azure-Samples / modern-data-warehouse-dataops

DataOps for Microsoft Data Platform technologies. https://aka.ms/dataops-repo
MIT License
Triage Security Findings - Defender Final Score #860

Open ExpressDead opened 2 days ago

ExpressDead commented 2 days ago

The final review should occur before the final sprint of the engagement. Customer participation is recommended, or at minimum the customer should be debriefed about the meeting. At this time, all work that is considered in scope should be complete, and all work items that will be left for the customer should be reviewed and communicated with the customer.

It's not best practice to address existing Defender recommendations in the last sprint, as the final sprint should be left to deal with any emerging new work and revising the security plan so that it matches what is being delivered to the customer.

In ISE we don’t defer security fundamentals. There are no engagement types where it's appropriate to defer basic security fundamentals. Sometimes there are recommendations that layer on multiple protections or enhance fundamentals that the customer will decide to put on the backlog.

ACTIONS

- Hold a triage meeting to review security recommendations.
- Address recommendations, create backlog items to remediate findings as appropriate.
- Meet with the customer to review final disposition.
- Record the observed Defender score here in the checklist tool.