The objective of the IT Security Policy is to ensure the security of Company’s information assets, that is:
a. to preserve Confidentiality (that is, protect assets against unauthorized disclosure)
b. to preserve Integrity (that is, protect assets from unauthorized or accidental modification ensuring the accuracy and completeness of the organization’s assets)
c. to ensure Availability (that is, ensure that assets are available as and when required adhering to the organization’s business)
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. REQUIREMENTS
3.1 POLICY STATEMENT
3.2 OVERALL OBJECTIVE
3.3 RISK ASSESSMENT
3.4 SECURITY AWARENESS
3.5 ACCEPTABLE USE OF INFORMATION
3.6 INFORMATION CLASSIFICATION
3.7 PERSONAL USE OF INFORMATION
3.8 VIRUS PROTECTION
3.9 BACKUP AND RECOVERY
3.10 PASSWORD POLICY
3.11 REMOTE ACCESS
3.12 CONNECTION TO EXTERNAL NETWORKS
3.13 ELECTRONIC MAIL
3.14 SOFTWARE ACQUISITION
3.15 SOFTWARE DEVELOPMENT & MAINTENANCE
3.16 BUSINESS CONTINUITY
3.17 ACCREDITATION OF INFORMATION SYSTEM
3.18 OPERATIONAL SYSTEM MONITORING
3.19 INCIDENT REPORTING
3.20 CONFIGURATION MANAGEMENT
4. ROLES AND RESPONSIBILITIES
4.1 OVERALL RESPONSIBILITIES
4.2 INFORMATION OWNERS
4.3 MANAGEMENT RESPONSIBILITIES
4.4 INFORMATION CUSTODIANS
4.5 EMPLOYEES RESPONSIBILITIES
4.6 INFORMATION SECURITY OFFICER
4.7 INTERNAL AUDIT DEPARTMENT
5. EXCEPTIONS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
7. APPENDIX 1 – AGREEMENT TO COMPLY WITH THE INFORMATION SECURITY POLICIES
Pages: 18
This bundle contains all the products listed in the Data Governance section. Take advantage of the 25% OFF when buying the bundle!
The purpose of this procedure is to formalize an Internal Investigation process by the Security Department and to guarantee the quality of the services provided by Security Department and the professionalism of the Company’s investigators. Also, provide Company's investigators with a common repository in terms of language, rules of conduct and methods to guarantee that the investigations are carried out with professionalism, in a standardized approach
This standard documents the security requirements for network security including router and switch configuration to assist in the protection of business critical Company assets and information from accidental loss or corruption.
Review IT Security Policy – Template 1.
You must be logged in to post a review.