Please see the message below. In order to limit scope (and cost) but still provide the valuable analysis we are looking for from a security audit we felt it best to pinpoint which repositories were audited. The list below came from the FOLIO DevOps team and the y/n and criteria are mine - and could be completely wrong/off base. Could you all go and comment - or perhaps should we open it up to a wider development audience?

-mdg


Begin forwarded message:

From: Mike Gorrell <mdg@indexdata.com>
Subject: Re: IndexData Module Focus
Date: March 21, 2019 at 10:45:00 AM EDT
To: Brett Arpaia <brett.arpaia@nccgroup.com>
Cc: Graham Bucholz <graham.bucholz@nccgroup.com>

Thanks for reaching out Brett.

I haven’t had a chance to vet this list with others yet - please keep in mind it’s a draft - but should provide a sense for where we’re going.


-mdg


On Mar 21, 2019, at 9:48 AM, Brett Arpaia <brett.arpaia@nccgroup.com> wrote:

Hi Mike, 
 
Hope all’s well. We were working to finalize the scope of your project and were waiting for clarification on the modules you wanted tested.
 
Have you had a chance to prioritize the modules that you would like us to focus on?
 
Thank you,
 
Brett Arpaia
Account Executive
Phone: (646) 362-9613
<image001.png>