Documente Academic
Documente Profesional
Documente Cultură
Assessing Security Risks The purpose is to ensure a risk assessment is conducted periodically and as needed. The purpose is to ensure that a determination is made on each risk identified in the risk assessment. The purpose is to provide Management direction and support for information security in accordance with business requirements and relevant laws and regulations. The purpose is to ensure review of the Information Security Policy at regular planned intervals or whenever significant changes occur to the environment. The purpose is to manage information security within the organization and ensure the support and commitment of management. The purpose is to ensure co-ordination of information security activities throughout the organization. The purpose is to appropriately allocate responsibility for information security. The purpose is to define management authorization for new information processing facilities. The purpose is to ensure identification of all requirements for confidentiality, creates confidentiality agreements, and issues them to members of the workforce. The purpose is to ensure contact is maintained appropriately with relevant authorities. The purpose is to ensure contact is maintained with special interest groups focused on information security. The purpose is to ensure the review of information security controls and implementation. The purpose is to maintain the security of information and information processing facilities that are
Description
Information Security Co-ordination Allocation of Information Security Responsibilities Authorization Process for Information Processing Facilities Confidentiality Agreements
Page 1 of 11
Inventory of Assets
Ownership of Assets
Classification Guidelines
Screening
Management Responsibilities
Disciplinary Process
Page 2 of 11
Return of Assets
Cabling Security
Equipment Maintenance
Page 3 of 11
Change Management
Segregation of Duties
Service Delivery
Capacity Management
System Acceptance
Page 4 of 11
Information Back-up
Network Controls
Disposal of Media
Exchange Agreements
Electronic Messaging
Page 5 of 11
On-Line Transactions
User Registration
Page 6 of 11
Segregation in Networks
Page 7 of 11
Teleworking
Message Integrity
Page 8 of 11
Page 9 of 11
Business Continuity and Risk Assessment Developing and Implementing Continuity Plans Including Information Security Business Continuity Planning Framework
Page 10 of 11
Page 11 of 11