Discuss and determine actions for audit presentation feedback as part of audit reflection - Githubissues

cass-degrees / CASS-Degrees

Landing page for the CASS Degrees Techlauncher Team

2 stars 1 forks source link

Discuss and determine actions for audit presentation feedback as part of audit reflection #38

Closed joshcbee closed 5 years ago

joshcbee commented 5 years ago

Audit presentation feedback:

Pending legacy issues on landing page
Look at doer/approver process and perhaps using something like GitFlow
Coding standards - PEP8 - implement from the start
Look at a tool like Snare of Splunk for application logging.
Diversity of language - research diversity of existing templates and language to see if it raises any issues for implementation.

For next audit will want to see:

Consideration of security - push requests rejected when they’re supposed to be.
Further exploration of Federation Authentication - may not be implemented until semester two but it should be fairly simple
Making sure that the tool is lining up with the expectations of CASS staff (particularly around workload the tool may impose).

joshcbee commented 5 years ago

Semester one - show that hardcoded logins are the only ones who can make put requests.
Semester two - explored Federated log-in. Snare and splunk to be considered in semester 2
Look at the estimation of workload for creating a plan. Conduct UAT to uncover issues. Book meeting to discuss handover requirements.
All others addressed.