Communications Room Policy
|
|
- Alan Lee
- 5 years ago
- Views:
Transcription
1 Information Security Policies Communications Room Policy Author : David Rowbotham Date : 01/07/2014 Version : 1.1 Status : Initial Release MAG Information Security IT Policies Page: 1
2 1 Table of contents Contents 1 Table of contents Document Control Introduction Scope Policy Entry Systems and Access Data Centre Room Etiquette Out of Hours Access Closed Circuit Television Safety Overview Signs and Information Contact Information Health and Safety Considerations Emergency Exits and Fire Alarm Procedures Fire detection and Fire extinguishers Electrical Safety Communications Room Use Hours of Operation Equipment Delivery Control of Equipment and Spares Prohibited Items Services Communications Room Equipment Introduction Environment Control Packaging Change and configuration management Overview Access Approval routes Data Centre / MA IS contact Information Table Policy review... 9 MAG Information Security IT Policies Page: 2
3 2 Document Control Ver Date Change Description Author Oct 2013 First draft Ian Waterhouse Dec 2013 Amendments from David Rowbotham Ian Waterhouse Jun 2014 Amendments from Aaron Bazler David Rowbotham st July 2014 Baseline David Rowbotham th July 2014 Minor revision David Rowbotham MAG Information Security IT Policies Page: 3
4 3 Introduction The purpose of Information security policies is to ensure that appropriate measures are implemented, to protect the data, systems, services, equipment and associated infrastructure of the Manchester Airport Group from internal and external threats, whilst ensuring timely access to information for authorised personnel and preventing unauthorised access or modification The vulnerability of business critical information systems and the data they contain within the Communications Room make the site a high value asset which requires a high degree of protection. A range of security measures are therefore in place to protect employees, information and physical assets, along with the interested third parties with equipment in the Communications Room. 4 Scope This policy applies to all MAG employees including contractors and vendors with access to MAG systems, or any other persons otherwise affiliated but not employed by MAG, who may utilise MAG IS infrastructure and/or access MAG applications 5 Policy 5.1 Entry Systems and Access Access is controlled via a combination of RFID card readers or keypad locks, some doors are fitted with sensors to detect unauthorised or prolonged opening. Staff and visitors must not adjust or otherwise tamper with door fittings. Any suspected faults with doors, lights or any security equipment should be reported to the MAG service desk at the earliest opportunity. Automated Access Keycard (card swipe) holder A list of authorised personnel that have been granted access to the communications rooms is owned by the Pass Office and must be reviewed on a monthly basis, with any changes to be communicated to the IS Service Desk, anyone requiring permanent access must first be authorised via the Information Security Forum with pass numbers recorded and room Access Control lists updated accordingly. The number of permanent pass holders is limited to the following personnel unless by agreement in the MA IS security forum; MA IS Installations & Cabling Engineers MA IS Network & Infrastructure Team On-site Technical Support Teams by prior agreement. Nominated personnel from Internal Engineering Manual Access non-keycard holder Authorised DC customers will be provided 24x7 access to their equipment housed in the MA IS DCs. The customer representative responsible for (and who signs) any service agreement with MA IS must provide a list of employees who are authorised to enter the Data Centre. (Maximum of 2no. persons) When access is required, proper notification and justification will need to be provided in accordance with the policy set out in the relevant section of this document. Customers authorised personnel with pre-approved manual access to the data centre are required to contact the MA IS Service Desk at which point the necessary access request can be generated. All non-permanent entries onto the Access Control Lists (ACL) for the suites will be time bound and will automatically age-out on reaching the limit of their agreed access. MAG Information Security IT Policies Page: 4
5 Visits must be agreed at least 5 days In advance. Unannounced/unescorted visitors will be denied access. In the case of business critical systems and general emergencies, exceptions must be supported by a member of staff with authorised access and in such circumstances, escorting will be provided for access to relevant suites. Tailgating into restricted areas is forbidden. Care must therefore be taken by all authorised staff to prevent this. During deliveries authorised staff must supervise such work at all times. Any persons allowing others to tailgate into Communication Rooms will have their system access removed. 5.2 Data Centre Room Etiquette In order to maintain a clean room environment and allow all work performed within the Data Centre to be carried out as effectively as possible, it is mandatory for all persons working within the suite to adhere to the following rules of etiquette; 1. All work areas to be kept clean and free of debris. Upon completion of any work, staff performing the work should ensure they have left the area as clean as it was before their work began. 2. All Rack enclosures should be kept neat and free of manuals, media, cables. Doors on all racks should remain closed at all times except during periods of scheduled maintenance. 3. Cables should never be strung outside of rack enclosures. Cabling between racks are to route through installed cable management systems. Where none exists, temporary installations are permitted and notice of temporary installation posting to the N&I Manager for action. 4. Under no circumstances should any customer; a. Lift floor tiles without prior knowledge, consent and oversight of the MA IS dept. b. Modify Power Distribution Units (PDU) within the Data Centre rooms unless specified in job registration and reflected within the submitted RAMS. c. Connect any device into another cabinet s PDUs. d. Configure or modify in any way Computer Room Air Conditioning (CRAC) within the Data Centre environment. e. Open cabinets or computer racking unless explicitly specified in job registration and/or RFC content. 5.3 Out of Hours Access MA IS Network & Infrastructure are responsible for maintenance of all Data Centre suites. If access is required without a supporting RFC or prior approval from N&I Manager and/or IS Security Manager, access will be denied. Where access is required in reaction to an unplanned outage, approval must be sought from N&I Manager and supporting documentation supplied. 5.4 Closed Circuit Television Closed Circuit Television (CCTV) monitoring and recording is in operation throughout the communications rooms and is centrally monitored by MA IS. 6 Safety 6.1 Overview Information Systems (IS) seeks to operate the DC environments according to the MAG Health and Safety Policy, a summary of which can be found on the Intranet. MAG Information Security IT Policies Page: 5
6 6.2 Signs and Information Safety signs and information are posted at access points to the Communications Room. General notices are also posted around the Communications Room providing detailed information on first aid, emergency contacts and general Health and Safety issues. 6.3 Contact Information Information on emergency and out-of-hours maintenance contacts is posted at all entrances to the Communications Room. A list of first aid contacts is posted throughout the Communications Room. Help can also be obtained by contacting any member of the IS Service desk. Any fire safety concerns should be raised with a member of the IS Service Desk who will deal with the matter with the involvement of the MAG Fire service if required. 6.4 Health and Safety Considerations There are a number of Health and Safety considerations when working in the Communications Rooms, and all persons responsible for completing works should have completed the necessary training in advance of the scheduled maintenance. MAG H&S Policy should be consulted for the avoidance of doubt and referenced in any RAMS prior to Job registration. All MAG Health and Safety policies are available on the internal Intranet at the following address; Emergency Exits and Fire Alarm Procedures Emergency exits are clearly signed and illuminated and must not be obstructed by any equipment or packaging before, during or after any planned works. 6.6 Fire detection and Fire extinguishers The Communications Rooms are fitted with fire detection systems linked to audible and visual alarms. If an alarm is activated leave the room immediately at the designated exit points and exit the building at ground level via the stairs. Never use the lifts. Users should then go the designated meeting point. For small incidents fire extinguishers are placed throughout the Communications Room alongside instruction signs 6.7 Electrical Safety PAT testing is carried out on all computer equipment and cables used in the Communications Rooms by trained staff. Equipment should be PAT tested before it is deployed. 7 Communications Room Use 7.1 Hours of Operation The Communications Room operates on a continuous basis, with staff in attendance between 04:00am and 20:00 daily. MAG Information Security IT Policies Page: 6
7 7.2 Equipment Delivery No deliveries are accepted at the Communications Rooms locations. All deliveries to be directed to MA IS Olympic House and the IS Helpdesk. 7.3 Control of Equipment and Spares No equipment is to be left unattended within the communications rooms at any time. Any equipment found in contravention of this will be removed and the owners access to the Communications Rooms revoked. 7.4 Prohibited Items The following items are prohibited from the Communications Room: Combustible materials such as paper and cardboard (except reference manuals as needed) Food and liquids Tobacco products Explosives and weapons Hazardous materials Alcohol, illegal drugs and other intoxicants Electro-magnetic devices that could cause interference with computer and telecom equipment Radioactive materials Photographic or recording equipment (other than backup media) 8 Services 8.1 Communications Room The Communications Room aims to provide a secure, controlled environment suitable for locating rackmountable computer systems. Power, cooling and networking connectivity are provided, and in some cases UPS is available to protect systems from power fluctuations and short outages. Where UPS is not available rack-mount UPS units are installed, monitored and maintained for all Core and Distribution tier equipment 8.2 Equipment Introduction IS must be notified in advance of any plans to add or remove equipment in the hosted room area. All new equipment installs must be agreed in advance with IS following the IT change process and must be authorised by the IS change advisory board prior to their introduction. Please ensure you have the full agreement of IS to host your equipment before you purchase, otherwise your equipment may be refused or delayed access to supporting infrastructure. 8.3 Environment Control Cooling, power and UPS provision is centrally controlled by BMS Engineering. Only authorised personnel are allowed to alter settings on any such equipment. Any persons found altering or changing core services will have their access to communications rooms revoked. MAG Information Security IT Policies Page: 7
8 8.4 Packaging Cardboard and other items that can generate dust and are easily combustible should remain outside Communications Rooms. Therefore packing or unpacking of equipment must take place outside the room. 9 Change and configuration management 9.1 Overview The Change Management Process covers all changes on Configuration Items (CIs) included in the IS Configuration Management Database (CMDB). The functional areas within the scope include, but are not necessarily limited to ~ All Communications Room equipment and software including IS and hosted equipment All Communications Room facilities equipment and software running on them including electricity, air conditioning, etc. equipment All Network equipment (including all cabling and communications infrastructure) and related software All voice system equipment and software All desktop equipment and software All licensed production software (Software under development is outside the scope.) Operational processes and documentation Release to production and decommissioning of all equipment, IT environment and services managed by a project Non-production equipment (test and development servers, etc) is also subject to change control as per the above. 9.2 Access Approval routes Please refer to the Communications Room Access Process document for further information. Request How to Submit Required Notice Planned DC Site visit Request via MA IS Service Desk (Refer to Process) Unplanned DC site visit Required Info 5 days Nature/Scope & Complete RAMS statement. Will not be allowed access to the communications rooms. Required Approvals N&I DC Manager/IS Security Manager Emergency DC site Visit Vendor/Supplier access to facility* Scheduled delivery of equipment Contact N&I Manager in the first instance with details of situation. (Note: attendees will need to be escorted without MAG Security Pass) Request via MA IS Service Desk (Refer to Process) 5 days Nature/Scope & complete RAMS statement. Deliveries are not received at communications rooms. N&I DC Manager/IS Security Manager.. General DC Questions.. to DC.Operations@magairports.com MAG Information Security IT Policies Page: 8
9 9.3 Data Centre / MA IS contact Information Table Support / Operations Contacts Contact Telephone Primary Contact MA IS Service Desk Mag.servicedesk@magairports.com Escalation 1 Network Support Network.Support@magairports.com Escalation 2 Network & David.Rowbotham@magairports.com Infrastructure Manager Escalation 3 IS Operations Dir. Aaron.Bazler@magairports.com Policy review This policy will be reviewed on an annual basis. It will be amended in response to changes in operational and legal requirements. Every effort will be made to ensure individual users are made aware of changes when they occur. If you have any queries or questions about this policy contact the MAG Information Security Manager or MAG Network & Infrastructure Manager. MAG Information Security IT Policies Page: 9
Data Center Access Policies and Procedures
Data Center Access Policies and Procedures Version 2.0 Tuesday, April 6, 2010 1 Table of Contents UITS Data Center Access Policies and Procedures!3 Introduction!3. Overview!3 Data Center Access!3 Data
More informationUlster University Policy Cover Sheet
Ulster University Policy Cover Sheet Document Title DATA CENTRE ACCESS POLICY 3.2 Custodian Approving Committee Data Centre & Operations Manager ISD Committee Policy approved date 2017 09 08 Policy effective
More informationCCBC is equipped with 3 computer rooms, one at each main campus location:
Policy: Computer Room Procedures Policy: Draft 12/14/2009 1.0 Purpose The purpose of this document is to establish procedures for the Community College of Baltimore County (CCBC) Information Technology
More informationFACILITY USER GUIDE. Colocation in Key Info s Agoura Court Data Center
FACILITY USER GUIDE Colocation in Key Info s Agoura Court Data Center Page 1 of 11 Key Info Facilities User Guide v2.4 Table of Contents Welcome... 3 GETTING STARTED... 4 Colocation Access... 4 Proof of
More informationIT Security Standard Operating Procedure
IT Security Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not be utilised as guidance
More informationUITS Data Center Access Policies and Procedures
UITS Data Center Access Policies and Procedures Revision 5: 2/15/2017 2/15/17 Page 1 Author: Len Sousa, UConn/UITS Contents... 1 UITS Data Center Access Policies and Procedures... 1 1. Introduction...
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationInformation Services IT Security Policies L. Network Management
Information Services IT Security Policies L. Network Management Version 1.1 Last updated: 11th August 2010 Approved by Directorate: 2nd July 2009 Review date: 1st August 2011 Primary owner of security
More informationPhysical and Environmental Security Standards
Physical and Environmental Security Standards Table of Contents 1. SECURE AREAS... 2 1.1 PHYSICAL SECURITY PERIMETER... 2 1.2 PHYSICAL ENTRY CONTROLS... 3 1.3 SECURING OFFICES, ROOMS AND FACILITIES...
More informationCenteris Data Centers - Security Procedure. Revision Date: 2/28/2018 Effective Date: 2/28/2018. Site Information
Section 01 Document Information Creation Date: 12/1/2016 Centeris Data Centers - Security Procedure Revision Date: 2/28/2018 Effective Date: 2/28/2018 Section 02 Site Information Site Information Document
More informationServer Colocation Standards
Server Colocation Standards 1 Overview The purpose of this document is to communicate the minimum requirements and configuration necessary to colocate a server or other equipment in the datacenter of Duke
More informationStandard: Data Center Security
Standard: Data Center Security Page 1 Executive Summary The university data centers provide for the reliable operation of SJSU s computing systems, computing infrastructure, and communication systems.
More informationTimico Data Centres: Access Policy
Timico Data Centres: Access Policy Timico Ltd 2012 Page: 1 of 6 1 Contents 1 Contents... 2 2 Version control... 2 3 Overview... 3 4 Introduction... 3 5 Rules of conduct... 3 6 Access request procedure...
More informationPhysical and Environmental Security Policy Document Number: OIL-IS-POL-PES
Physical and Environmental Security Policy Document Number: OIL-IS-POL-PES Document Details Title Description Version 1.0 Author Classification Physical and Environmental Security Policy Physical and Environmental
More informationAUTHORITY FOR ELECTRICITY REGULATION
SULTANATE OF OMAN AUTHORITY FOR ELECTRICITY REGULATION SCADA AND DCS CYBER SECURITY STANDARD FIRST EDITION AUGUST 2015 i Contents 1. Introduction... 1 2. Definitions... 1 3. Baseline Mandatory Requirements...
More informationn+2 DATA CENTER CONTROL POLICY
This Data Center Control Policy (the Control Policy ) forms a part of the Master Services Agreement between n+2 LLC ( n+2 ) and Client (the Agreement ), in which this Control Policy is incorporated by
More informationData Centers and Mission Critical Facilities Access and Physical Security Procedures
Planning & Facilities Data Centers and Mission Critical Facilities Access and Physical Security Procedures Attachment B (Referenced in UW Information Technology Data Centers and Mission Critical Facilities
More informationPoP ROOM: INSIDE AND OUTSIDE PLANT RULES & REGULATIONS
PoP ROOM: INSIDE AND OUTSIDE PLANT RULES & REGULATIONS Version 14 November 19, 2014 Digital Realty Table of Contents INTRODUCTION... 3 ACCESS TO THE POP ROOMS, ISP & OSP... 3 PoP- MoP Forms... 3 Who must
More information2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.
Diageo Third Party Hosting Standard 1. Purpose This document is for technical staff involved in the provision of externally hosted solutions for Diageo. This document defines the requirements that third
More informationData Centre Security. Presented by: M. Javed Wadood Managing Director (MEA)
Data Centre Security Presented by: M. Javed Wadood Managing Director (MEA) EPI history and global locations UK origin, 1987 Singapore office, 1999 9 EPI offices worldwide Global partner network spanning
More information: Course CDFOM : Certified Data Centre Facilities Operations Manager
Module Title Duration : Course CDFOM : Certified Data Centre Facilities Operations Manager : 3 days Course Description Managing the facilities of today s hi-end and hi-availability data centres is an extremely
More informationCrisp Data Centre Standards 11 November 2008
Crisp Data Centre Standards 11 November 2008 This document outlines the standards that are enforced within the Crisp Data Centre, and as amended from time to time. Also specified are the responsibilities
More informationState of Rhode Island Department of Administration Division of Information Technol
Division of Information Technol 1. Background Physical and environmental security controls protect information system facilities from physical and environmental threats. Physical access to facilities and
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationSevern Trent Water. Telecommunications Policy and Access Procedure
Severn Trent Water Telecommunications Policy and Access Procedure Contents STW Telecommunications Policy: 5-12 Health and Safety: 13-18 Access Procedures:19-30 2 STW LSH Sites Access Policy [Controlled
More informationI. PURPOSE III. PROCEDURE
A.R. Number: 2.11 Effective Date: 2/1/2009 Page: 1 of 5 I. PURPOSE This policy outlines the procedures that third party organizations must follow when connecting to the City of Richmond (COR) networks
More informationSTCP Amendment Proposal Form
STCP Amendment Proposal Form PA036 1. Title of Amendment Proposal STCP 09-2 Incorporation material currently within SPT SCS and making standard for both TOs. 2. Description of the Proposed Amendment (mandatory
More informationAIMS CUSTOMER HAND BOOK THANK YOU FOR CHOOSING AIMS AS YOUR PREFERRED SERVICE PROVIDER.
AIMS CUSTOMER HAND BOOK THANK YOU FOR CHOOSING AIMS AS YOUR PREFERRED SERVICE PROVIDER. It is our pleasure to provide you with the fullest of Informations to enable you to obtain the best from our services.
More informationPhysical Security Standard
Physical Security Standard Version: 1.6 Document ID: 3545 Copyright Notice Copyright 2018, ehealth Ontario All rights reserved No part of this document may be reproduced in any form, including photocopying
More informationAcceptable Usage Policy (Student)
Acceptable Usage Policy (Student) Author Arthur Bogacki Date 18/10/2017 Version 1.1 (content sourced and consolidated from existing Email and Electronic Communication, and User Code of Practice policies.)
More informationPage 1 of 15. Applicability. Compatibility EACMS PACS. Version 5. Version 3 PCA EAP. ERC NO ERC Low Impact BES. ERC Medium Impact BES
002 5 R1. Each Responsible Entity shall implement a process that considers each of the following assets for purposes of parts 1.1 through 1.3: i. Control Centers and backup Control Centers; ii. Transmission
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationIdentity Theft Prevention Policy
Identity Theft Prevention Policy Purpose of the Policy To establish an Identity Theft Prevention Program (Program) designed to detect, prevent and mitigate identity theft in connection with the opening
More informationApex Information Security Policy
Apex Information Security Policy Table of Contents Sr.No Contents Page No 1. Objective 4 2. Policy 4 3. Scope 4 4. Approval Authority 5 5. Purpose 5 6. General Guidelines 7 7. Sub policies exist for 8
More informationNetwork Security Policy
Network Security Policy Date: January 2016 Policy Title Network Security Policy Policy Number: POL 030 Version 3.0 Policy Sponsor Policy Owner Committee Director of Business Support Head of ICU / ICT Business
More informationCorporate Information Security Policy
Overview Sets out the high-level controls that the BBC will put in place to protect BBC staff, audiences and information. Audience Anyone who has access to BBC Information Systems however they are employed
More informationSOUTHERN CALIFORNIA EDISON COMPANY
SOUTHERN CALIFORNIA EDISON COMPANY COMPLIANCE PROCEDURES IMPLEMENTING FERC ORDER 717C STANDARDS OF CONDUCT Version 1.2 Updated June 14, 2017 Purpose: To provide Southern California Edison s (SCE) overall
More information01.0 Policy Responsibilities and Oversight
Number 1.0 Policy Owner Information Security and Technology Policy Policy Responsibility & Oversight Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 1. Policy Responsibilities
More informationSabey Data Center Properties CONSOLIDATED WORK RULES
Sabey Data Center Properties CONSOLIDATED WORK RULES Contents Overview... 2 Building Security... 2 General... 2 Access Badge Display... 2 Security Rounds... 2 Access to Secure Spaces... 2 Emergency Exits...
More informationREVISION HISTORY DATE AMENDMENT DESCRIPTION OF AMENDMENT
REVISION HISTORY DATE AMENDMENT DESCRIPTION OF AMENDMENT IFC SERVICE DESCRIPTION 17 OCTOBER 2016 Page 1 of 9 SERVICE DESCRIPTION 2-14: INTERNATIONAL FALCON CONNECTION SERVICE (IFC Service) 1. THE SERVICE
More informationFacility Security Policy
1. PURPOSE 1.1 The New Brunswick Institute for Research, Data and Training (NB-IRDT) is located in the University of New Brunswick. It consists of: (i) employee offices in Singer Hall and Keirstead Hall,
More informationSite Visitor Requirements Practice
Health & Safety Site Visitor Requirements Practice Content Owner Custodian H&S Discipline Program COMS Document Number Manager, Health and Safety Solutions Health and Safety Solutions H&S Programs & Projects
More informationEuropean Liquidity Centre Colocation Operating Policies
European Liquidity Centre Colocation Version 5.1 1 st August 2016 ICE Data Services Limited PREFACE REFERENCES A reference in this document to: Authorised Trading Platform means a trading facility authorised
More informationINFORMATION SECURITY- DISASTER RECOVERY
Information Technology Services Administrative Regulation ITS-AR-1505 INFORMATION SECURITY- DISASTER RECOVERY 1.0 Purpose and Scope The objective of this Administrative Regulation is to outline the strategy
More informationINFORMATION SECURITY. One line heading. > One line subheading. A briefing on the information security controls at Computershare
INFORMATION SECURITY A briefing on the information security controls at Computershare One line heading > One line subheading INTRODUCTION Information is critical to all of our clients and is therefore
More informationIT CONTINUITY, BACKUP AND RECOVERY POLICY
IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY Effective Date May 20, 2016 Cross- Reference 1. Emergency Response and Policy Holder Director, Information Business Resumption
More informationINFORMATION ASSET MANAGEMENT POLICY
INFORMATION ASSET MANAGEMENT POLICY Approved by Board of Directors Date: To be reviewed by Board of Directors March 2021 CONTENT PAGE 1. Introduction 3 2. Policy Statement 3 3. Purpose 4 4. Scope 4 5 Objectives
More informationStandard CIP 004 3a Cyber Security Personnel and Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-3a 3. Purpose: Standard CIP-004-3 requires that personnel having authorized cyber or authorized unescorted physical access
More informationCYBER SECURITY POLICY REVISION: 12
1. General 1.1. Purpose 1.1.1. To manage and control the risk to the reliable operation of the Bulk Electric System (BES) located within the service territory footprint of Emera Maine (hereafter referred
More informationIBM Security Intelligence on Cloud
Service Description IBM Security Intelligence on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationCustomer Service Manual. LD2 London West London. Customer Service Manual - LD2 London West
Customer Service Manual LD2 London West London 1 CONTENTS 1.0 Location and site contact details 2.0 Authorised contact list 3.0 Digital Realty support portal 4.0 Access to site 5.0 First Line Support 6.0
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Personnel Security Standard This standard is applicable to all VCU School of Medicine personnel. Approval
More informationMobile / Smart Phone Policy
Mobile / Smart Phone Policy Policy reviewed by: Philippa Mills Review date: September 2017 Next review date: September 2018 School refers to Cambridge International School; parents refers to parents, guardians
More informationCustomer Service Manual. Meridian Gate London. Customer Service Manual - Meridian Gate
Customer Service Manual Meridian Gate London 1 CONTENTS 1.0 Location and site contact details 2.0 Authorised contact list 3.0 Digital Realty support portal 4.0 Access to site 5.0 First Line Support 6.0
More informationPHYSICAL AND ENVIRONMENTAL SECURITY
PHYSICAL AND ENVIRONMENTAL SECURITY 1.0 STANDARD FOR PHYSICAL AND ENVIRONMENTAL SECURITY - EQUIPMENT 1.1 PURPOSE The purpose of this standard is to establish baseline controls to prevent loss, damage,
More informationOffice 365. Claranet Service Description
Claranet Service Description Office 365 Provides a highly configurable Email, Collaboration and Unified Communications platform, hosted by Microsoft, that can be deployed for a customer organisation to
More informationWriter Corporation. Data Protection Policy
Writer Corporation Data Protection Policy 1. Introduction The Data Protection Policy (DPP) lays a solid foundation for the development and implementation of secure practices within Writer Corporation (the
More informationLinchPin. Managed Service For IP VPN Networks. Web Site Telephone
LinchPin Managed Service For IP VPN Networks Web Site www.linchpinnetworks.co.uk Email info@linchpinnetworks.co.uk Telephone 01284 830 841 Introduction The LinchPin CPE Managed Service for IP VPN Networks
More informationMobile Working Policy
Mobile Working Policy Date completed: Responsible Director: Approved by/ date: Ben Westmancott, Director of Compliance Author: Ealing CCG Governing Body 15 th January 2014 Ben Westmancott, Director of
More informationGuidance for Accident Reporting
Guidance for Accident Reporting Produced by Date approved and agreed Health, Safety and Wellbeing 1 st February 2016 Review Date 1 st February 2017 Version 1.0 Document reference HSW/GN/AR If you need
More informationGrid Security Policy
CERN-EDMS-428008 Version 5.7a Page 1 of 9 Joint Security Policy Group Grid Security Policy Date: 10 October 2007 Version: 5.7a Identifier: https://edms.cern.ch/document/428008 Status: Released Author:
More informationPolicies, Procedures, Guidelines and Protocols. John Snell - Head of Workforce Planning, Systems and Contributors
Policies, Procedures, Guidelines and Protocols Document Details Title Staff Mobile Phone Policy Trust Ref No 2036-39774 Local Ref (optional) N/A Main points the document Procurement, allocation and use
More informationThe Project Charter. Date of Issue Author Description. Revision Number. Version 0.9 October 27 th, 2014 Moe Yousof Initial Draft
The Project Charter Project Title: VDI Data Center Design and Build Project Sponsor: South Alberta Data Centers Inc. (SADC Inc.) Project Customer: The City of Calgary Project Manager: Moe Yousof Document
More informationData Protection Policy
Page 1 of 6 General Statement The Local Governing Bodies of the academies have overall responsibility for ensuring that records are maintained, including security and access arrangements, in accordance
More informationOpen Access. Definitions
Open-IX Data Center Technical Standards Version 2.0, January 1, 2018 Questions: dc-group@open-ix.org The purpose of the Open- IX Data Center Technical Standards document is to establish a recommended standard
More information1.0 Executive Summary. 2.0 Features and Benefits
Table of Contents 1.0 EXECUTIVE SUMMARY 2.0 FEATURES AND BENEFITS 3.0 DETAILS OF SERVICE 4.0 Deliverable 5.0 Exclusions 6.0 SCOPE OF RESPONSIBILITY 7.0 PROJECT WORK DETAILS 8.0 ORDERING INFORMATION 9.0
More informationStandard CIP-006-3c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3c 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security
More informationXAVIER UNIVERSITY Building Access Control Policy
Effective: March 25, 2019 Last Updated: March 20, 2019 XAVIER UNIVERSITY Building Access Control Policy Responsible University Office: Auxiliary Services, Physical Plant Responsible Executive: Vice President,
More information1.0 Executive Summary
Statement of Work - 1 - Power and Cooling Assessment for Data Center Professional Services Service 1.0 Executive Summary Table of Contents 1.0 Executive Summary 2.0 Features & Benefits 3.0 Details of Service
More informationEco Web Hosting Security and Data Processing Agreement
1 of 7 24-May-18, 11:50 AM Eco Web Hosting Security and Data Processing Agreement Updated 19th May 2018 1. Introduction 1.1 The customer agreeing to these terms ( The Customer ), and Eco Web Hosting, have
More informationAccess Control Policy
Access Control Policy Version Control Version Date Draft 0.1 25/09/2017 1.0 01/11/2017 Related Polices Information Services Acceptable Use Policy Associate Accounts Policy IT Security for 3 rd Parties,
More informationStruxureWare TM Data Center Operation Periodic Maintenance. Statement Of Work. 2.0 Features & Benefits
- 1 - StruxureWare TM DC Operation Periodic Maintenance Service Integration Service Statement Of Work 1. Executive summary StruxureWare TM Data Center Operation Periodic Maintenance Table of Contents 1.0
More informationEUROPEAN LIQUIDITY CENTRE COLOCATION OPERATING POLICIES
EUROPEAN LIQUIDITY CENTRE COLOCATION OPERATING POLICIES Version 5.3 December 2017 ICE Data Services Limited PREFACE REFERENCES A reference in this document to: Authorised Trading Platform means a trading
More informationProcess Definition: Security Services
Process Definition: Services 1. SUMMARY Process Definition: Services 1.1. This document defines the processes provided by the Services team in detail. 1.2. The relationship between this Business Unit process
More informationVirginia State University Policies Manual. Title: Information Security Program Policy: 6110
Purpose Virginia State University (VSU) uses information to perform the business services and functions necessary to fulfill its mission. VSU information is contained in many different mediums including
More informationStandard CIP-006-4c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-4c 3. Purpose: Standard CIP-006-4c is intended to ensure the implementation of a physical security
More informationCompany Policy Documents. Information Security Incident Management Policy
Information Security Incident Management Policy Information Security Incident Management Policy Propeller Studios Ltd is responsible for the security and integrity of all data it holds. Propeller Studios
More informationServer Security Policy
Server Security Policy Date: Januray 2016 Policy Title Server Security Policy Policy Number: POL 029 Version 3.0 Policy Sponsor Policy Owner Committee Director of Business Support Head of ICU / ICT Business
More informationOUTSOURCED FACILITIES MANAGEMENT SERVICES CAPE TOWN
OUTSOURCED FACILITIES MANAGEMENT SERVICES CAPE TOWN LOCATION OF SERVICE REQUIRED 141 Voortrekker road Parow Cape Town Areas: Offices Entrance foyers Balcony Toilets Basements Conference rooms Store rooms
More informationDonor Credit Card Security Policy
Donor Credit Card Security Policy INTRODUCTION This document explains the Community Foundation of Northeast Alabama s credit card security requirements for donors as required by the Payment Card Industry
More informationAged Care Security Solutions. security.gallagher.com
Aged Care Security Solutions security.gallagher.com Aged care security solutions The safety of residents and staff is the most important thing. Our objective at Gallagher is to create innovative solutions
More informationORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers
All Affiliate Research Policy Subject: HIPAA File Under: For Researchers ORA HIPAA Issuing Department: Office of Research Administration Original Policy Date Page 1 of 5 Approved by: May 9,2005 Revision
More informationAIMS HOUSE RULES AND REGULATIONS
AIMS HOUSE RULES AND REGULATIONS The security of the equipment and information in our data centres is of critical importance to the daily function of our customers operations. The following House Rules
More informationNATIONAL QUALIFICATION AUTHORITY
NATIONAL QUALIFICATION AUTHORITY REPORT OF EXPERT PANELS ON ACCREDITATION OF INSTITUTION PROVIDING AND / OR ASSESSES AND ISSUES APPROVED QUALIFICATIONS PART 1: SUMMARY AND RECOMMENDATIONS NAME OF APPLYING
More informationManaged Security Services - Endpoint Managed Security on Cloud
Services Description Managed Security Services - Endpoint Managed Security on Cloud The services described herein are governed by the terms and conditions of the agreement specified in the Order Document
More informationHosted Testing and Grading
Hosted Testing and Grading Technical White Paper July 2010 www.lexmark.com Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or
More informationSwitching Process and Rules Systems Operations Framework. Document Number:
Switching Process and Rules Systems Operations Framework Document Number: 4808076 TABLE OF CONTENTS 1. INTRODUCTION... 5 1.1 PURPOSE... 5 1.2 HIERARCHY... 5 2. PROCESSES... 7 2.1 SWITCHING OPERATOR AUTHORISATION
More information1. Post for 45-day comment period and pre-ballot review. 7/26/ Conduct initial ballot. 8/30/2010
Standard CIP 011 1 Cyber Security Protection Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes
More informationHARTREE CENTRE SERVICE NOW SELF- SERVICE PORTAL
HARTREE CENTRE SERVICE NOW SELF- SERVICE PORTAL User Guide Name Amendment Version Reviewed by. Approved by. Lisa Whimperley Initial document Peter Kane Peter Kane creation. 31/10/2017 The Hartree Centre
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationGDPR Draft: Data Access Control and Password Policy
wea.org.uk GDPR Draft: Data Access Control and Password Policy Version Number Date of Issue Department Owner 1.2 21/01/2018 ICT Mark Latham-Hall Version 1.2 last updated 27/04/2018 Page 1 Contents GDPR
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationSERVICE DESCRIPTION MANAGED FIREWALL/VPN
Contents Service Overview.... 3 Key Features... 3 Service Features... 3 Responsibilities... 5 Additional Services.... 5 Implementation... 6 Validation... 6 Implementation Process.... 6 Customer Kick-Off...
More informationInstitute of Technology, Sligo. Information Security Policy. Version 0.2
Institute of Technology, Sligo Information Security Policy Version 0.2 1 Document Location The document is held on the Institute s Staff Portal here. Revision History Date of this revision: 28.03.16 Date
More informationThe City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance.
Policy Number: 10-09-02 Section: Roads and Traffic Subsection: Traffic Operations Effective Date: April 25, 2012 Last Review Date: Approved by: Council Owner Division/Contact: For information on the CCTV
More informationThe ITIL v.3. Foundation Examination
The ITIL v.3. Foundation Examination ITIL v. 3 Foundation Examination: Sample Paper 4, version 3.0 Multiple Choice Instructions 1. All 40 questions should be attempted. 2. There are no trick questions.
More informationSFTI & COLOCATION US US LIQUIDITY CENTER OPERATING POLICIES & PROCEDURES. June Version 12 STATUS. NYSE Group, Inc.
SFTI & COLOCATION US US LIQUIDITY CENTER OPERATING POLICIES & PROCEDURES June 2016 STATUS Version 12 NYSE Group, Inc. 2016 Page 1 About This Document The following documents should be read in conjunction
More informationE-Security policy. Ormiston Academies Trust. James Miller OAT DPO. Approved by Exec, July Release date July Next release date July 2019
Ormiston Academies Trust E-Security policy Date adopted: Autumn Term 2018 Next review date: Autumn Term 2019 Policy type Author Statutory James Miller OAT DPO Approved by Exec, July 2018 Release date July
More information