Links to each Area of SIP Office
Here's a brief presentation of the SIP Office: our missions, activities and objectives.
Mission: The SIP Service integrates cybersecurity requirements into all SYENSQO projects, from design to operation, to minimize risks, protect assets, and ensure compliance with security standards and regulations.
Activities:
- Act as the primary contact for security and compliance assessments, raising risk awareness.
- Propose measures to mitigate risks to acceptable levels.
- Conduct security reviews throughout project lifecycles.
- Perform vendor assessments to evaluate cybersecurity and integrate security requirements into contracts.
- Educate collaborators on cybersecurity and promote best practices during project meetings.
Objectives:
Current:
- Separation Program (Top Priority): Integrate dedicated cybersecurity clauses into vendor contracts.
- New Projects (PMO): Assess new Syensqo sensitive projects.
Future (Under Construction):
- Integrate new SIP processes in the BUILD and RUN phases of the solution lifecycle.
- Develop risk analysis processes and tools in collaboration with PMO, legal, procurement, and architecture teams.
- Establish TPRM operations (process and tooling).
- Coordinate and follow up on technical external audits (e.g., pentesting).
Roles and Responsibilities:
- SIP Office Lead: Leads the service.
- SIP Office Team Coordinator: Organizes and manages the SIP workload, initiates assessments, assigns them to SIP analysts, manages communications, reporting, and ensures process integrity.
- SIP Analysts: Cybersecurity experts specializing in analyzing vendor and project risks.
