At the very heart of Information Security lay the principles of Authentication, Authorization and Accountability, also known as AAA. In plain language, these principles state that: a. Every action of…

The objective of this procedure is to ensure the security of Company’s assets. Effective security controls in relation to access the data are an essential component of the effective risk…

The Access Control System Security Standard specifies the requirements with respect to the "need-to-know / need to have" principle, segregation of duties, user account management, access management, logging and access…

The techniques of dual control and segregation of duties have to be implemented to enhance the control over activities wherever the risk and impact of an IT Security incident would…

Identity and Access Management Standard describes the management of individuals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity…

The Password Policy describes the security rules that cover activities that must be followed on different internal network areas or systems that require user credential to access on different network.

The purpose of the Password Procedure is to establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change.

The objective of the Password Security Policy is to establish the minimum rules and requirements that must be enforced in order to ensure that strong passwords are created and protected…

The Privileged User Accounts Management Procedure has been designed to describe the process of creating, modifying or deleting privileged user accounts from the Company’s business systems.