Unattended User Equipment Procedure
|
|
|
- Tamsyn Charles
- 6 years ago
- Views:
Transcription
1 Unattended User Equipment Procedure Reference No. xx Revision No. 1 Relevant ISO Control No Issue Date: January 22, 2012 Revision Date: January 22, 2012 Approved by: Title: Ted Harvey Director, Technology Services Version History Version # Version Date Author Summary of Changes 1.0 Jan Ted Harvey Approvals Name Title Date of Approval Version # Ray Hoppins Distribution Name Title Date of Issue Version No. Document Control Document Title Document Location Server Malware Protection Server Malware Procedure Page 1
2 Server Malware Procedure Page 2
3 Table of Contents 1.0 Overview Purpose Scope Risks...6 The risks associated with the Procedure subject... Error! Bookmark not defined. 5.0 Procedure Detail...7 Detailed Procedure statements... Error! Bookmark not defined. More Content... Error! Bookmark not defined. Procedure Detail Sub Heading... Error! Bookmark not defined. More Content... Error! Bookmark not defined. 6.0 Enforcement...8 If any member of IT staff is found to have breached this Procedure, they may be subject to disciplinary action.... Error! Bookmark not defined. If any user is found to have breached this security Procedure, they may be subject to disciplinary action.... Error! Bookmark not defined. Any violation of the Procedure by a temporary worker, contractor or supplier may result in the termination of their contract or assignment... Error! Bookmark not defined. 7.0 Procedure Governance Definitions...11 Detail any necessary definitions... Error! Bookmark not defined. More Content... Error! Bookmark not defined. 9.0 References...12 List any reference material used... Error! Bookmark not defined. More Content... Error! Bookmark not defined. Server Malware Procedure Page 3
4 1.0 Overview Users shall ensure that unattended equipment has appropriate protection. 2.0 Purpose Server Malware Procedure Page 4
5 3.0 Scope All Chinook s Edge students and staff, who access CESD information processing devices. All contractors / third parties staff who access CESD information processing devices. Server Malware Procedure Page 5
6 4.0 Risks Server Malware Procedure Page 6
7 5.0 Procedure Detail U s e r s s h o u l d e n s u r e t h a t u n a t t e n d e d c o m p utin g e q ui p m e nt h a s a p pr o priate protection. U nattend e d eq uip m e nt c o ntr ols incl u d e: T e r m i n ati n g a ctiv e (lo g g e d - in) sessions b efore a d e v i c e i s l e f t u n a t t e n d e d, u n l e s s it can be securely "locked" (e.g., w i t h a p a s s w o r d - prote cte d s c r e e n s a v e r ) ; P h y sically sec uring d e vices, or the are a in w hic h a d e vic e is lo c ate d, wit h a k e y- lock or e q ui v al e nt if a d e vi c e will b e u n a t t e n d e d. Locking unattended computers, by either, activating sleep mode, or invoking screensavers. These must require the user to enter their password to access the active session. Servers, workstations, or other computer systems located in open, common, or otherwise insecure areas, that access, transmit, receive, or store confidential or confidential private information must employ inactivity timers or automatic logoff mechanisms. (i.e., password protected screensaver that blacks out screen activity.) The aforementioned systems must terminate a user session after a maximum of 50 minutes of inactivity.. Server Malware Procedure Page 7
8 6.0 Enforcement Server Malware Procedure Page 8
9 7.0 Procedure Governance The following table identifies who within CESD is Accountable, Responsible, Informed or Consulted with regards to this Procedure. The following definitions apply: Responsible the person(s) responsible for developing and implementing the Procedure. Accountable the person who has ultimate accountability and authority for the Procedure. Consulted the person(s) or groups to be consulted prior to final Procedure implementation or amendment. Informed the person(s) or groups to be informed after Procedure implementation or amendment. Responsible Core Team - Technology Services Accountable Director Technology Services Consulted Technology Advisory Group, COLT Informed All Employees, All Contractors. Server Malware Procedure Page 9
10 Server Malware Procedure Page 10
11 8.0 Definitions TERM DEFINITION Server Malware Procedure Page 11
12 9.0 References Server Malware Procedure Page 12
Server Security Procedure
Server Security Procedure Reference No. xx Revision No. 1 Relevant ISO Control No. 11.7.1 Issue Date: January 23, 2012 Revision Date: January 23, 2012 Approved by: Title: Ted Harvey Director, Technology
Personal Communication Devices and Voic Procedure
Personal Communication Devices and Voicemail Procedure Reference No. xx Revision No. 1 Relevant ISO Control No. 11.7.1 Issue Date: January 23, 2012 Revision Date: January 23, 2012 Approved by: Title: Ted
Institute of Technology, Sligo. Information Security Policy. Version 0.2
Institute of Technology, Sligo Information Security Policy Version 0.2 1 Document Location The document is held on the Institute s Staff Portal here. Revision History Date of this revision: 28.03.16 Date
Access to University Data Policy
UNIVERSITY OF OKLAHOMA Health Sciences Center Information Technology Security Policy Access to University Data Policy 1. Purpose This policy defines roles and responsibilities for protecting OUHSC s non-public
Identity Theft Prevention Policy
Identity Theft Prevention Policy Purpose of the Policy To establish an Identity Theft Prevention Program (Program) designed to detect, prevent and mitigate identity theft in connection with the opening
ICT Systems Administrative Password Procedure
ICT Systems Administrative Password Procedure Related Policy Responsible Officer Approved by Approved and commenced July, 2014 Review by July, 2017 Responsible Organisational Unit ICT Security Policy ICT
ACCEPTABLE USE ISO INFORMATION SECURITY POLICY. Author: Owner: Organisation: Document No: Version No: 1.0 Date: 10 th January 2010
INFORMATION SECURITY POLICY EMAIL ACCEPTABLE USE ISO 27002 7.1.3 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-7.1.3 No: 1.0 Date: 10 th January 2010 Copyright Ruskwig
BHIG - Mobile Devices Policy Version 1.0
Version 1.0 Authorised by: CEO Endorsed By: Chief Operations Officer 1 Document Control Version Date Amended by Changes Made 0.1 20/01/2017 Lars Cortsen Initial document 0.2 29/03/2017 Simon Hahnel Incorporate
Subject: University Information Technology Resource Security Policy: OUTDATED
Policy 1-18 Rev. 2 Date: September 7, 2006 Back to Index Subject: University Information Technology Resource Security Policy: I. PURPOSE II. University Information Technology Resources are at risk from
Bring Your Own Device Policy
Title: Status: Effective : Last Revised: Policy Point of Contact: Synopsis: Bring Your Own Device Policy Final 2017-Jan-01 2016-Nov-16 Chief Information Officer, Information and Instructional Technology
REPORTING INFORMATION SECURITY INCIDENTS
INFORMATION SECURITY POLICY REPORTING INFORMATION SECURITY INCIDENTS ISO 27002 13.1.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-13.1.1 Version No: 1.0 Date: 1 st
Virginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Personnel Security Standard This standard is applicable to all VCU School of Medicine personnel. Approval
Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope
Jacksonville State University Acceptable Use Policy 1. Overview Information Technology s (IT) intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Jacksonville
Department of Public Health O F S A N F R A N C I S C O
PAGE 1 of 9 Category: Information Technology Security and HIPAA DPH Unit of Origin: Department of Public Health Policy Owner: Phillip McDown, CISSP Phone: 255-3577 CISSPCISSP/C Distribution: DPH-wide Other:
II.C.4. Policy: Southeastern Technical College Computer Use
II.C.4. Policy: Southeastern Technical College Computer Use 1.0 Overview Due to the technological revolution in the workplace, businesses such as Southeastern Technical College (STC) have turned to computer
UT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES
ACCESS MANAGEMENT Policy UT Health San Antonio shall adopt access management processes to ensure that access to Information Resources is restricted to authorized users with minimal access rights necessary
Clear Desk, Clear Screen Policy
Clear Desk, Clear Screen Policy 1 P a g e Table of Contents 1 Introduction... 3 2 Purpose... 3 3 Non Operations Policy... 3 4 Operations Policy.4 5 Review and Approvals... 5 2 P a g e 1 Introduction Synchronoss
PS Mailing Services Ltd Data Protection Policy May 2018
PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Limited is a registered data controller: ICO registration no. Z9106387 (www.ico.org.uk 1. Introduction 1.1. Background We collect
Acceptable Use Policy
Acceptable Use Policy. August 2016 1. Overview Kalamazoo College provides and maintains information technology resources to support its academic programs and administrative operations. This Acceptable
Data protection policy
Data protection policy Context and overview Introduction The ASHA Centre needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees
Acceptable Use Policy
Acceptable Use Policy 1. Overview The Information Technology (IT) department s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Quincy College s established
Responsible Officer Approved by
Responsible Officer Approved by Chief Information Officer Council Approved and commenced August, 2014 Review by August, 2017 Relevant Legislation, Ordinance, Rule and/or Governance Level Principle ICT
a. UTRGV owned, leased or managed computers that fall within the regular UTRGV Computer Security Standard
Kiosk Security Standard 1. Purpose This standard was created to set minimum requirements for generally shared devices that need to be easily accessible for faculty, staff, students, and the general public,
Data protection. 3 April 2018
Data protection 3 April 2018 Policy prepared by: Ltd Approved by the Directors on: 3rd April 2018 Next review date: 31st March 2019 Data Protection Registration Number (ico.): Z2184271 Introduction Ltd
Acceptable Use Policy
Acceptable Use Policy 1. Purpose The purpose of this policy is to outline the acceptable use of computer equipment at Robotech CAD Solutions. These rules are in place to protect the employee and Robotech
DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY
DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY Published By: Fusion Factor Corporation 2647 Gateway Road Ste 105-303 Carlsbad, CA 92009 USA 1.0 Overview Fusion Factor s intentions for publishing an
Mobile Working Policy
Mobile Working Policy Date completed: Responsible Director: Approved by/ date: Ben Westmancott, Director of Compliance Author: Ealing CCG Governing Body 15 th January 2014 Ben Westmancott, Director of
Name of Policy: Computer Use Policy
Page: Page 1 of 5 Director Approved By: Approval Date: Reason(s) for Change Responsible: Corporate Services Leadership April 22, Reflect current technology and practice Corporate Services Leadership Leadership
Acceptable Use Policy
Acceptable Use Policy 1. Overview ONS IT s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to ONS established culture of openness, trust and integrity.
Access Control Procedure
HIPAA Security Procedure # Last Revised: 3/15/2006 Approved: Scope of Procedure The scope of this Policy covers the unique user identification and password, emergency access, automatic logoff, encryption
Mobile Computing Policy
Mobile Computing Policy Issue sheet Document reference NHSBSAIS004 Document location Title NHS Business Services Authority Mobile computing policy Author Head of Security and Information Assurance Issued
Corporate Information Security Policy
Overview Sets out the high-level controls that the BBC will put in place to protect BBC staff, audiences and information. Audience Anyone who has access to BBC Information Systems however they are employed
The University of British Columbia Board of Governors
The University of British Columbia Board of Governors Policy No.: 118 Approval Date: February 15, 2016 Responsible Executive: University Counsel Title: Safety and Security Cameras Background and Purposes:
Policy Document. PomSec-AllSitesBinder\Policy Docs, CompanyWide\Policy
Policy Title: Binder Association: Author: Review Date: Pomeroy Security Principles PomSec-AllSitesBinder\Policy Docs, CompanyWide\Policy Joseph Shreve September of each year or as required Purpose:...
Enviro Technology Services Ltd Data Protection Policy
Enviro Technology Services Ltd Data Protection Policy 1. CONTEXT AND OVERVIEW 1.1 Key details Rev 1.0 Policy prepared by: Duncan Mounsor. Approved by board on: 23/03/2016 Policy became operational on:
Information Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
BSO CLEAR DESK AND SCREEN POLICY (version 1.0)
BSO CLEAR DESK AND SCREEN POLICY (version 1.0) Approved at BSO Board on 25 th February 2010 CONTENT 1. PURPOSE...3 2. DATA CLASSIFICATION...3 3. THE DESK / OFFICE ENVIRONMENT...3 4. THE PC ENVIRONMENT...4
SPRING-FORD AREA SCHOOL DISTRICT
No. 801.1 SPRING-FORD AREA SCHOOL DISTRICT SECTION: TITLE: OPERATIONS ELECTRONIC RECORDS RETENTION ADOPTED: January 25, 2010 REVISED: October 24, 2011 801.1. ELECTRONIC RECORDS RETENTION 1. Purpose In
Virginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Removable Storage Media Security Standard This standard is applicable to all VCU School of Medicine personnel.
Information Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
Policy. London School of Economics & Political Science. Remote Access Policy. IT Services. Jethro Perkins. Information Security Manager.
London School of Economics & Political Science IT Services Policy Remote Access Policy Jethro Perkins Information Security Manager Summary This document outlines the controls from ISO27002 that relate
Data Sharing Agreement. Between Integral Occupational Health Ltd and the Customer
Data Sharing Agreement Between Integral Occupational Health Ltd and the Customer 1. Definitions a. Customer means any person, organisation, group or entity accepted as a customer of IOH to access OH services
GDPR Draft: Data Access Control and Password Policy
wea.org.uk GDPR Draft: Data Access Control and Password Policy Version Number Date of Issue Department Owner 1.2 21/01/2018 ICT Mark Latham-Hall Version 1.2 last updated 27/04/2018 Page 1 Contents GDPR
INFORMATION ASSET MANAGEMENT POLICY
INFORMATION ASSET MANAGEMENT POLICY Approved by Board of Directors Date: To be reviewed by Board of Directors March 2021 CONTENT PAGE 1. Introduction 3 2. Policy Statement 3 3. Purpose 4 4. Scope 4 5 Objectives
Access Control Policy
Access Control Policy Version Control Version Date Draft 0.1 25/09/2017 1.0 01/11/2017 Related Polices Information Services Acceptable Use Policy Associate Accounts Policy IT Security for 3 rd Parties,
POLICY 8200 NETWORK SECURITY
POLICY 8200 NETWORK SECURITY Policy Category: Information Technology Area of Administrative Responsibility: Information Technology Services Board of Trustees Approval Date: April 17, 2018 Effective Date:
Remote Access Policy
Remote Consulting Group Policy 1.0 1234 Main Street Version 1.0 Philadelphia, PA 19000 1213 www.rcg.com 1. Overview Remote Access Policy Remote Access allows Remote Consulting Group (RCG) to leverage the
Wireless Security Access Policy and Agreement
Wireless Security Access Policy and Agreement Purpose The purpose of this policy is to define standards, procedures, and restrictions for connecting to Fort Valley State University s internal network(s)
University of Alabama at Birmingham MINIMUM SECURITY FOR COMPUTING DEVICES RULE July 2017
University of Alabama at Birmingham MINIMUM SECURITY FOR COMPUTING DEVICES RULE July 2017 Related Policies, Procedures, and Resources UAB Acceptable Use Policy, UAB Protection and Security Policy, UAB
Policy and Procedure: SDM Guidance for HIPAA Business Associates
Policy and Procedure: SDM Guidance for HIPAA Business (Adapted from UPMC s Guidance for Business at http://www.upmc.com/aboutupmc/supplychainmanagement/documents/guidanceforbusinessassociates.pdf) Effective:
STATE OF NEW JERSEY IT CIRCULAR
NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ Chris Christie, Governor 300 Riverview Plaza E. Steven Emanuel, Chief Technology Officer Trenton, NJ 08625-0212 STATE OF NEW JERSEY IT
PTLGateway Data Breach Policy
1 PTLGateway Data Breach Policy Last Updated Date: 02 March 2018 Data Breach Policy This page informs you of our policy which is to establish the goals and the vision for the breach response process. This
UTAH VALLEY UNIVERSITY Policies and Procedures
Page 1 of 5 POLICY TITLE Section Subsection Responsible Office Private Sensitive Information Facilities, Operations, and Information Technology Information Technology Office of the Vice President of Information
HIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
Policy on the Provision of Mobile Phones
Provision of Mobile Phones Policy on the Provision of Mobile Phones Originator name: Section / Dept: Implementation date: Date of next review: Related policies: Policy history: Roger Stickland Approval
Department of Public Health O F S A N F R A N C I S C O
PAGE 1 of 7 Category: Information Technology Security and HIPAA DPH Unit of Origin: Department of Public Health Policy Owner: Phillip McDown, CISSP Phone: 255-3577 CISSPCISSP/C Distribution: DPH-wide Other:
UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017
UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY September 20, 2017 I. Introduction Institutional information, research data, and information technology (IT) resources are critical assets
Section 3.9 PCI DSS Information Security Policy Issued: November 2017 Replaces: June 2016
Section 3.9 PCI DSS Information Security Policy Issued: vember 2017 Replaces: June 2016 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect
State of Colorado Cyber Security Policies
TITLE: State of Colorado Cyber Security Policies Access Control Policy Overview This policy document is part of the State of Colorado Cyber Security Policies, created to support the State of Colorado Chief
Information Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Colin Sloey Implementation Date: September 2010 Version Number:
COMPUTER & INFORMATION TECHNOLOGY CENTER. Information Transfer Policy
COMPUTER & INFORMATION TECHNOLOGY CENTER Information Transfer Policy Document Controls This document is reviewed every six months Document Reference Document Title Document Owner ISO 27001:2013 reference
Oracle Data Cloud ( ODC ) Inbound Security Policies
Oracle Data Cloud ( ODC ) Inbound Security Policies Contents Contents... 1 Overview... 2 Oracle Data Cloud Security Policy... 2 Oracle Information Security Practices - General... 2 Security Standards...
PHYSICAL AND ENVIRONMENTAL SECURITY
PHYSICAL AND ENVIRONMENTAL SECURITY 1.0 STANDARD FOR PHYSICAL AND ENVIRONMENTAL SECURITY - EQUIPMENT 1.1 PURPOSE The purpose of this standard is to establish baseline controls to prevent loss, damage,
PHYSICAL & ENVIRONMENTAL PROTECTION GUIDE
2017 PHYSICAL & ENVIRONMENTAL PROTECTION GUIDE UTC IT0129-G UTC Information Technology Michael Dinkins, CISO 4/28/2017 CONTENTS 1. SCOPE... 2 2. PRINCIPLES... 2 3. REVISIONS... 2 4. OBJECTIVE... 2 5. POLICY...
UWTSD Group Data Protection Policy
UWTSD Group Data Protection Policy Contents Clause Page 1. Policy statement... 1 2. About this policy... 1 3. Definition of data protection terms... 1 4. Data protection principles..3 5. Fair and lawful
Texas Health Resources
Texas Health Resources POLICY NAME: Remote Access Page 1 of 7 1.0 Purpose: To establish security standards for remote electronic Access to Texas Health Information Assets. 2.0 Policy: Remote Access to
IT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I
Standards Sections Checklist Section Security Management Process 164.308(a)(1) Information Security Program Risk Analysis (R) Assigned Security Responsibility 164.308(a)(2) Information Security Program
<Criminal Justice Agency Name> Personally Owned Device Policy. Allowed Personally Owned Device Policy
Policy Title: Effective Date: Revision Date: Approval(s): LASO: CSO: Agency Head: Allowed Personally Owned Device Policy Every 2 years or as needed Purpose: A personally owned information system or device
Information Security BYOD Procedure
Information Security BYOD Procedure A. Procedure 1. Audience 1.1 This document sets out the terms of use for BYOD within the University of Newcastle. The procedure applies to all employees of the University,
State of Rhode Island Department of Administration Division of Information Technol
Division of Information Technol 1. Background Physical and environmental security controls protect information system facilities from physical and environmental threats. Physical access to facilities and
Information Security Incident Response and Reporting
Information Security Incident Response and Reporting Original Implementation: July 24, 2018 Last Revision: None This policy governs the actions required for reporting or responding to information security
Table of Contents. CPS Supplier Portal 05 - Self-Service "Admin"
Table of Contents Introduction... 2 Prerequisites... 2 General... 3 Company Profile - Organization... 4 Contact Directory... 5 Create a New Contact... 6 Update a Contact... 8 Inactivate a Contact... 10
This regulation outlines the policy and procedures for the implementation of wireless networking for the University Campus.
UAR NUMBER: 400.01 TITLE: Wireless Network Policy and Procedure INITIAL ADOPTION: 11/6/2003 REVISION DATES: PURPOSE: Set forth the policy for using wireless data technologies and assigns responsibilities
UKIP needs to gather and use certain information about individuals.
UKIP Data Protection Policy Context and overview Key details Policy Update Prepared by: D. Dennemarck / S. Turner Update approved by Management on: November 6, 2015 Policy update became operational on:
Privacy Policy on the Responsibilities of Third Party Service Providers
Privacy Policy on the Responsibilities of Third Party Service Providers Privacy Office Document ID: 2489 Version: 3.2 Owner: Chief Privacy Officer Sensitivity Level: Low Copyright Notice Copyright 2016,
Acceptable Usage Policy (Student)
Acceptable Usage Policy (Student) Author Arthur Bogacki Date 18/10/2017 Version 1.1 (content sourced and consolidated from existing Email and Electronic Communication, and User Code of Practice policies.)
UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017
UNIVERSITY OF MASSACHUSETTS AMHERST INFORMATION SECURITY POLICY October 25, 2017 I. Introduction Institutional information, research data, and information technology (IT) resources are critical assets
SDHS Security Policy v5.3, revised March 2015
SDHS Security Policy v5.3, revised March 2015 The SDHS Security Policy is reviewed annually by the Council of the School - the policy presented here was approved in March 2015. Interim revisions may be
eprost System Policies & Procedures
eprost System Policies & Procedures Initial Approval Date: 12/07/2010 Revision Date: 02/25/2011 Introduction eprost [ Electronic Protocol Submission and Tracking ] is the Human Subject Research Office's
Remote Access (Supporting Document)
Remote Access (Supporting Document) April 2007 Version Control Sheet Title: Purpose: Owner: Approved by: Remote Access (Supporting Document The advise staff of the councils policy and procedures regarding
DFARS Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017
DFARS 252.204-7012 Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017 As with most government documents, one often leads to another. And that s the case with DFARS 252.204-7012.
GM Information Security Controls
: Table of Contents 2... 2-1 2.1 Responsibility to Maintain... 2-2 2.2 GM s Right to Monitor... 2-2 2.3 Personal Privacy... 2-3 2.4 Comply with Applicable Laws and Site Specific Restrictions... 2-3 2.5
Corporate Guideline ENVIRONMENTAL POLICY
ENVIRONMENTAL POLICY Table of contents Intro... 3 ENVIRONMENTAL STANDARDS... 4 SCOPE... 5 RESPONSIBILITY... 6 2 Intro UTIMACO GROUP includes all businesses operated by Utimaco Group companies (here: Utimaco).
Data Privacy Breach Policy and Procedure
Data Privacy Breach Policy and Procedure Document Information Last revision date: April 16, 2018 Adopted date: Next review: January 1 Annually Overview A privacy breach is an action that results in an
2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY
2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY Purpose: The purpose of this policy is to provide instruction and information to staff, auditors, consultants, contractors and tenants on
Guest Wireless Policy
Effective: April 1, 2016 Last Revised: November 27, 2017 Responsible University Office: Information Technology Services Responsible University Administrator: Chief Information Officer Policy Contact: Deb
Identity Theft Prevention Program. Effective beginning August 1, 2009
Identity Theft Prevention Program Effective beginning August 1, 2009 I. PROGRAM ADOPTION Christian Brothers University developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission's
Access Control List Network Solution for Cleveland Branch Offices Kevin O Neal DeVry University NETW208: Accessing the WAN
1 Access Control List Network Solution for Cleveland Branch Offices Kevin O Neal DeVry University NETW208: Accessing the WAN Submitted to: Professor: Hopkins Date: 10.-7-2012 Implementation and Creation
Table of Contents. PCI Information Security Policy
PCI Information Security Policy Policy Number: ECOMM-P-002 Effective Date: December, 14, 2016 Version Number: 1.0 Date Last Reviewed: December, 14, 2016 Classification: Business, Finance, and Technology
Juniper Vendor Security Requirements
Juniper Vendor Security Requirements INTRODUCTION This document describes measures and processes that the Vendor shall, at a minimum, implement and maintain in order to protect Juniper Data against risks
EA-ISP-009 Use of Computers Policy
Technology & Information Services EA-ISP-009 Use of Computers Policy Owner: Nick Sharratt Author: Paul Ferrier Date: 28/03/2018 Document Security Level: PUBLIC Document Version: 1.05 Document Ref: EA-ISP-009
E RADAR. All Rights Reserved. Acceptable Use Policy
Email Acceptable Use Policy For further help, please contact support@eradar.eu Item Number LD 0002 Author E RADAR LIMITED Disclaimer This template is provided with the understanding that the publisher
Information Security Policy
Document title: [ Information Security Policy May 2017 ] Approval date: [ May 2017 ] Purpose of document: [ To define AUC s information security program main pillars and components] Office/department responsible:
You may use the Service to either access, establish or change the following:
Online Access Agreement June 18, 2015 (Revision date) I. Introduction This Online Access Agreement (this "Agreement") contains the terms that govern your use of the Participants' Private Area of the www.afmsagaftrafund.org
Controls Electronic messaging Information involved in electronic messaging shall be appropriately protected.
I Use of computers This document is part of the UCISA Information Security Toolkit providing guidance on the policies and processes needed to implement an organisational information security policy. To
Security and Privacy Breach Notification
Security and Privacy Breach Notification Version Approval Date Owner 1.1 May 17, 2017 Privacy Officer 1. Purpose To ensure that the HealthShare Exchange of Southeastern Pennsylvania, Inc. (HSX) maintains
Virginia State University Policies Manual. Title: Information Security Program Policy: 6110
Purpose Virginia State University (VSU) uses information to perform the business services and functions necessary to fulfill its mission. VSU information is contained in many different mediums including
Tennessee Technological University Policy No Password Management
Tennessee Technological University Policy No. 852 Password Management Effective Date: January 1, 2014 Policy No: 852 Policy Name: Password Management Policy Policy Subject: Password Management Date Revised:
WEB ACCESSIBILITY POLICY
WEB ACCESSIBILITY POLICY I. Policy Section 15.0 Information Technology II. Policy Subsection 15.2 Web Accessibility Policy III. Policy Statement Grand Rapids Community College will monitor and promote