PowerPoint Presentation

[Audio] Thank you, Kenny. Hi Everyone, I am Amber Shepherd, Responsible for the Delivery of complex changes within the Resilience portfolio and am currently working on a few projects including Password Remediation, which is the project I will be giving you a brief overview of this morning. What is Password Remediation? In a nutshell bank compliance and security requirements have become increasingly more strict over the years, due to this we at Lloyds Banking Group have a number of risks and security non compliances open to cover the Commercial Banking Online software and infrastructure not meeting or adhering to some of these security requirements and policies. The Password Remediation programme of work aims to mitigate nine of the Risks and SNCs that CBO have raised or are impacted by. These above mentioned SNCs can be categorized as follows: Weak Password is for passwords that are not in line with entropy (password strength) standards. Password Rotation is where user and non-user passwords are not rotated periodically. Credentials Encryption covers non-user credentials that are not encrypted at rest. Build Standards is for FMO RHEL servers that were not built to LBG or Kyndrl standards. And lastly CI CD communications which addresses the lack of segregation between Test and DevOps environments and the SMTP Production Servers. Which essentially means that the communications relate to coding processes, which is why the environments are not segregated and SMTP is used to support such processes When can we expect to have these issues remediated? The team and I are working on having all these nine SNCs remediated by quarter three next year. In order to be able to do that, we are and will continue to work and collaborate with a wide range of internal and external teams. Thank you for listening, I shall now pass on to Rachel to give you her update..