Controls For Securing Removable / Portable Media

2192 Words Jul 2nd, 2015 9 Pages
Contents
Communications and Operations Policy 2
Policy Statement 2
Controls for securing removable/portable media: 2
Data backup procedures: 4
Separation of Duties: 6
Data collection and secure disposal of data/media: 6
Monitoring system use: 7
Protection of log information, (administrator and operator logs): 8
Protection of system documentation: 8
Antivirus: 8
Network controls: 9
Network management controls and services: 10
Exchange of information: 11
Electronic Commerce: 12

Communications and Operations Policy
Policy Statement
Departments are required to develop and implement policies to secure the operations, availability, and maintenance of information technology resources including network infrastructure and communications from unauthorized access, destruction, and corruption.
Such policy must address the need for development, testing, and production environments to be separated in order to reduce the risk of unauthorized access or incidental changes to the production environment.
It is necessary to identify the degree of separation necessary to prevent problems during operations or security incidents prior to identifying and implementing appropriate controls and security hardening.
Departments are required to implement procedures for managing system activities associated with access to information and information systems, modes of communication, and information processing by implementing:
Controls for securing removable/portable media: Departments are required…
Open Document