Security/SOP/Requests For Service
SOP Name: WIKISEC-RFS-SOP
SOP Description: Processes through which to request resourcing, feedback and commitment from the Security Team
Authority: Director of Security
Last reviewed on: 10 January 2020
Author(s): Wikimedia Security Team
Data Classification: Public
Purpose
[edit]In order to effectively resource the highest priority work and to enable predictability (as much as it is possible) in customer interactions we have defined standards for work intake and processing.
Please see our statements on consistency and commitment.
Please see our services to understand the implemented portion of our charter.
Making a Request for Service
[edit]- Users who wish to discuss new initiatives or require assistance determining which services are relevant should fill out our request for service form.
- IMPORTANT: By default will only be visible to members of the Security Team, subscribers, and the author.
- Privacy review requests should use our Privacy intake form in Asana
- Security Readiness Review requests need to follow our SOP for that service
- Security Preview requests need to follow our SOP for that service.
- Users reporting general issues with security should see Reporting Security Bugs.
If all else fails, an email to security-help@ is a valid initial step when there is uncertainty regarding process, scope, services needed. We want to assist you in navigating our workflows :)
Other Information
[edit]Details on workflows and expectations for shared platforms are defined in our team handbook.
Phabricator permissions and security may not be intuitive. It is strongly recommended users take advantage of the Protect as Security Issue and Report Security Issue mechanisms where appropriate.