- Prepare a checklist of deliverables and requirements for
integration
Also identify the basic requirements for integration of current IT infrastructure with SIEM. Check the mechanism of how the SIEM communicates with the integrated devices/servers, discuss it with SMEs to create a knowledge-base for reference which should not only include the so called Plan of Action (PoA) but also detailed diagnosis in case a standard PoA fails.
Most of the SIEM implementations seen are done with a random plan, the project may seem to be neat on paper, but it may contain some glitches like the one mentioned above, i.e. SMEs are not involved to the extent they should be. Again I am clearing here that the involvement of SMEs should not only be for technical problems that come across while implementation but also to enable the project to run smoothly for longer.
