0% found this document useful (0 votes)

51 views

Query Process

The document outlines an information security policy and procedures for an organization. It covers various topics around asset management, human resources, physical security, operations management, access control, system development and maintenance, incident management, business continuity, and compliance. Sections provide details on classification and handling of information, employee lifecycle management, equipment security, network controls, user authentication and authorization, system changes, reporting security incidents, and meeting legal and regulatory requirements.

Uploaded by

ingersoll78

Available Formats

Download as XLS, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

51 views

Query Process

Uploaded by

ingersoll78

Available Formats

Download as XLS, PDF, TXT or read online on Scribd

You are on page 1/ 13

5 Game.

gif Security policy

6 Game.gif Information security policy
7 Game.gif Information security policy document
8 Game.gif Review of the information security policy
9 Game.gif Organization of information security
10 Game.gif Internal Organization
11 Game.gif Management commitment to information security
12 Game.gif Information security coordination
13 Game.gif Allocation of information security responsibilities
14 Game.gif Authorization process for information processing facilities
15 Game.gif Confidentiality agreements
16 Game.gif Contact with authorities
17 Game.gif Contact with special interest groups
18 Game.gif Independent review of information security
Game.gif External Parties
Game.gif Identification of risks related to external parties
A.6.2.2 Addressing security when dealing with customers
A.6.2.3 Addressing security in third party agreements
A.7 Asset Management
A.7.1 Responsibility of Assets
A.7.1.1 Inventory of assets
A.7.1.2 Ownership of assets
A.7.1.3 Acceptable use of assets
A.7.2 Information Classification
A.7.2.1 Classification guidelines
A.7.2.2 Information labeling and handling
A.8 Human resource security
A.8.1 Prior to employment
A.8.1.1 Roles and responsibilities
A.8.1.2 Screening
A.8.1.3 Terms and conditions
A.8.2 During employment
A.8.2.1 Management responsibility
A.8.2.2 Information systems training education and awareness
A.8.2.3 Disciplinary Process
A.8.3 Termination or change of employment
A.8.3.1 Termination responsibilities
A.8.3.2 Return of assets
A.8.3.3 Removal of assess rights
A.9 Physical and environmental security
A.9.1 Secure areas
A.9.1.1 Physical security perimeter
A.9.1.2 Physical entry controls
A.9.1.3 Securing offices, rooms and facilities
A.9.1.4 Protection against external and environmental threats
A.9.1.5 Working in secure areas
A.9.1.6 Public access delivery and loading
A.9.2 Equipment Security
A.9.2.1 Equipment sitting and protection
A.9.2.2 support utilities
A.9.2.3 Cabling security
A.9.2.4 Equipment maintenance
A.9.2.5 Equipment in offsite premises
A.9.2.6 Secure disposal and reuse of equipment
A.9.2.7 Removal of property
A.10 Communication and operations management
A.10.1 Operating Procedure and responsibilities
A.10.1.1 Documented operating procedure
A.10.1.2 Change management
A.10.1.3 Segregation of duties
A.10.1.4 Separation of development test and operational facilities
A.10.2 Third Party service delivery management
A.10.2.1 Service delivery
A.10.2.2 Monitoring and review of third party services
A.10.2.3 Managing Changes to third party services
A.10.3 System planning and Acceptance
A.10.3.1 Capacity management
A.10.3.2 System Acceptance
A.10.4 Protection against malicious and mobile code
A.10.4.1 Controls against malicious code
A.10.4.2 Controls against mobile code
A.10.5 Back up
A.10.5.1 Information Back up
A.10.6 Network security management
A.10.6.1 Network controls
A.10.6.2 Securing Network Services
A.10.7 Media handling
A.10.7.1 Management of removable media
A.10.7.2 Disposal of media
A.10.7.3 Information handling procedures
A.10.7.4 Security in system documentation
A.10.8 Exchange of Information
A.10.8.1 Information exchange Policies Procedures
A.10.8.2 Exchange agreements
A.10.8.3 Physical media during transit
A.10.8.4 Electronic messaging service
A.10.9 Electronic Commerce service
A.10.9.1 Electronic commerce
A.10.9.2 Online transactions
A.10.9.3 Publically available information
A.10.9.4 Protection against external and environmental threats
A.10.10 Monitoring
A.10.10.1 Audit logging
A.10.10.2 Monitoring system use
A.10.10.3 Protection of log information
A.10.10.4 Administrator and operator log
A.10.10.5 Faulty Logging
A.10.10.6 Clock Synchronization
A.11 Access Control
A.11.1 Business Requirement for access Control
A.11.1.1 Access control policy
A.11.2 User access management
A.11.2.1 User registration
A.11.2.2 Privileged management
A.11.2.3 Password management
A.11.2.4 Review of access rights
A.11.3 User responsibilities
A.11.3.1 Password use
A.11.3.2 Unattended user equipment
A.11.3.3 Clear desk and clear screen policy
A.11.4 Network access control
A.11.4.1 Policy on use of network controls
A.11.4.2 User authentication for external connections
A.11.4.3 Equipment identification in networks
A.11.4.4 Remote diagnostic and configuration port protection
A.11.4.5 Segregation in networks
A.11.4.6 Network connection control
A.11.4.7 Network routing control
A.11.5 Operating system access control
A.11.5.1 Secure log on procedure
A.11.5.2 User identification and authentication
A.11.5.3 Password management system
A.11.5.4 Use of system utilities
A.11.5.5 Session time out
A.11.5.6 Limitation of connection time
A.11.6 Application and information access control
A.11.6.1 Information Access restriction
A.11.6.2 Sensitive system isolation
A.11.7 Mobile computing and teleworking
A.11.7.1 Mobile computing and communication
A.11.7.2 Teleworking
A.12 Information System Acquisition, Development and Maintenance
A.12.1 Security requirements
A.12.1.1 Security requirements analysis and specification
A.12.2 Correct processing in application
A.12.2.1 Input Data Validation
A.12.2.2 Control of internal processing
A.15.1.4 Data Protection and Privacy of personal information
A.12.2.4 Output data validation
A.12.3 Cryptographic controls
A.12.3.1 Policy on use of cryptographic controls
A.12.3.2 Key management
A.12.4 Security of system files
A.12.4.1 Control of operational Software
A.12.4.2 Protection of system test
A.12.4.3 Access control to program source code
A.12.5 Security in development and support process
A.12.5.1 Change Control Procedure
A.12.5.2 Technical Review of application after operating System changes
A.12.5.3 Restrictions on changes to software Packages
A.12.5.4 Information Leakage
A.12.5.5 Outsourced software development
A.12.6 Technical vulnerability management
A.12.6.1 Control of technical vulnerability
A.13 Information security Incident management
A.13.1 Reporting Information security events and weakness
A.13.1.1 Reporting Information security events
A.13.1.2 Reporting information security weakness
A.13.2 Management of information security incidents and improvements
A.13.2.1 Responsibilities and procedures
A.13.2.2 Learning from information security incidents
A.13.2.3 Collection of evidence
A.14 Business continuity management
A.14.1 Information security aspects of business continuity management
A.14.1.1 Including information security in the BCM Process
A.14.1.2 Business continuity and risk assessment
A.14.1.3 Developing and implementing continuity plan including information secur
A.14.1.4 BCP Framework
A.14.1.5 Testing maintaining and reassessing of BCP
A.15 Compliance
A.15.1 Compliance with legal requirements
A.15.1.1 Identification of Applicable legislations
A.15.1.2 Intellectual property rights (IPR)
A.15.1.3 Protection of organizational records
A.15.1.4 Data Protection and Privacy of personal information
A.15.1.5 Prevention and misuse of information processing facilities
A.15.1.6 Regulation of cryptographic controls
A.15.2 compliance with security policy and standards and technical compliance
A.15.2.1 Compliance with security Policy and standards
A.15.2.2 Technical compliance checking
A.15.3 Information system audit considerations
A.15.3.1 Information system audit controls
A.15.3.2 Protection of information systems audit tools
insert into game_gallery (comp_proc_desc) values ('Game.gif Security policy');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Information security policy ');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Information security policy document');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Review of the information security policy');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Organization of information security');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Internal Organization');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Management commitment to information security');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Information security coordination');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Allocation of information security responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Authorization process for information processing facilities
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Confidentiality agreements');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Contact with authorities');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Contact with special interest groups');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Independent review of information security');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif External Parties');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Identification of risks related to external parties');
insert into master_comp_proc (comp_proc_desc) values ('A.6.2.2 Addressing security when dealing with customers');
insert into master_comp_proc (comp_proc_desc) values ('A.6.2.3 Addressing security in third party agreements');
insert into master_comp_proc (comp_proc_desc) values ('A.7 Asset Management');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1 Responsibility of Assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1.1 Inventory of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1.2 Ownership of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1.3 Acceptable use of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.2 Information Classification');
insert into master_comp_proc (comp_proc_desc) values ('A.7.2.1 Classification guidelines');
insert into master_comp_proc (comp_proc_desc) values ('A.7.2.2 Information labeling and handling');
insert into master_comp_proc (comp_proc_desc) values ('A.8 Human resource security');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1 Prior to employment');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1.1 Roles and responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1.2 Screening');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1.3 Terms and conditions');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2 During employment');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2.1 Management responsibility');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2.2 Information systems training education and awareness');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2.3 Disciplinary Process');
insert into master_comp_proc (comp_proc_desc) values ('A.8.3 Termination or change of employment');
insert into master_comp_proc (comp_proc_desc) values ('A.8.3.1 Termination responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('A.8.3.2 Return of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.8.3.3 Removal of assess rights');
insert into master_comp_proc (comp_proc_desc) values ('A.9 Physical and environmental security');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1 Secure areas');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.1 Physical security perimeter');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.2 Physical entry controls');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.3 Securing offices, rooms and facilities');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.4 Protection against external and environmental threats');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.5 Working in secure areas');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.6 Public access delivery and loading');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2 Equipment Security');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.1 Equipment sitting and protection');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.2 support utilities');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.3 Cabling security');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.4 Equipment maintenance');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.5 Equipment in offsite premises');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.6 Secure disposal and reuse of equipment');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.7 Removal of property');
insert into master_comp_proc (comp_proc_desc) values ('A.10 Communication and operations management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1 Operating Procedure and responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.1 Documented operating procedure');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.2 Change management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.3 Segregation of duties');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.4 Separation of development test and operational facilities')
insert into master_comp_proc (comp_proc_desc) values ('A.10.2 Third Party service delivery management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.2.1 Service delivery');
insert into master_comp_proc (comp_proc_desc) values ('A.10.2.2 Monitoring and review of third party services');
insert into master_comp_proc (comp_proc_desc) values ('A.10.2.3 Managing Changes to third party services');
insert into master_comp_proc (comp_proc_desc) values ('A.10.3 System planning and Acceptance');
insert into master_comp_proc (comp_proc_desc) values ('A.10.3.1 Capacity management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.3.2 System Acceptance');
insert into master_comp_proc (comp_proc_desc) values ('A.10.4 Protection against malicious and mobile code');
insert into master_comp_proc (comp_proc_desc) values ('A.10.4.1 Controls against malicious code');
insert into master_comp_proc (comp_proc_desc) values ('A.10.4.2 Controls against mobile code');
insert into master_comp_proc (comp_proc_desc) values ('A.10.5 Back up');
insert into master_comp_proc (comp_proc_desc) values ('A.10.5.1 Information Back up');
insert into master_comp_proc (comp_proc_desc) values ('A.10.6 Network security management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.6.1 Network controls');
insert into master_comp_proc (comp_proc_desc) values ('A.10.6.2 Securing Network Services');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7 Media handling');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.1 Management of removable media');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.2 Disposal of media');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.3 Information handling procedures');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.4 Security in system documentation');
insert into master_comp_proc (comp_proc_desc) values ('A.10.8 Exchange of Information');
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.1 Information exchange Policies Procedures');
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.2 Exchange agreements');
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.3 Physical media during transit');
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.4 Electronic messaging service');
insert into master_comp_proc (comp_proc_desc) values ('A.10.9 Electronic Commerce service');
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.1 Electronic commerce');
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.2 Online transactions');
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.3 Publically available information');
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.4 Protection against external and environmental threats');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10 Monitoring');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.1 Audit logging');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.2 Monitoring system use');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.3 Protection of log information');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.4 Administrator and operator log');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.5 Faulty Logging');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.6 Clock Synchronization');
insert into master_comp_proc (comp_proc_desc) values ('A.11 Access Control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.1 Business Requirement for access Control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.1.1 Access control policy');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2 User access management');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.1 User registration');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.2 Privileged management');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.3 Password management');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.4 Review of access rights');
insert into master_comp_proc (comp_proc_desc) values ('A.11.3 User responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('A.11.3.1 Password use');
insert into master_comp_proc (comp_proc_desc) values ('A.11.3.2 Unattended user equipment');
insert into master_comp_proc (comp_proc_desc) values ('A.11.3.3 Clear desk and clear screen policy');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4 Network access control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.1 Policy on use of network controls');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.2 User authentication for external connections');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.3 Equipment identification in networks');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.4 Remote diagnostic and configuration port protection');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.5 Segregation in networks');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.6 Network connection control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.7 Network routing control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5 Operating system access control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.1 Secure log on procedure');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.2 User identification and authentication');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.3 Password management system');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.4 Use of system utilities');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.5 Session time out');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.6 Limitation of connection time');
insert into master_comp_proc (comp_proc_desc) values ('A.11.6 Application and information access control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.6.1 Information Access restriction');
insert into master_comp_proc (comp_proc_desc) values ('A.11.6.2 Sensitive system isolation');
insert into master_comp_proc (comp_proc_desc) values ('A.11.7 Mobile computing and teleworking');
insert into master_comp_proc (comp_proc_desc) values ('A.11.7.1 Mobile computing and communication');
insert into master_comp_proc (comp_proc_desc) values ('A.11.7.2 Teleworking');
insert into master_comp_proc (comp_proc_desc) values ('A.12 Information System Acquisition, Development and Maintenan
insert into master_comp_proc (comp_proc_desc) values ('A.12.1 Security requirements');
insert into master_comp_proc (comp_proc_desc) values ('A.12.1.1 Security requirements analysis and specification');
insert into master_comp_proc (comp_proc_desc) values ('A.12.2 Correct processing in application');
insert into master_comp_proc (comp_proc_desc) values ('A.12.2.1 Input Data Validation');
insert into master_comp_proc (comp_proc_desc) values ('A.12.2.2 Control of internal processing');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.4 Data Protection and Privacy of personal information');
insert into master_comp_proc (comp_proc_desc) values ('A.12.2.4 Output data validation');
insert into master_comp_proc (comp_proc_desc) values ('A.12.3 Cryptographic controls');
insert into master_comp_proc (comp_proc_desc) values ('A.12.3.1 Policy on use of cryptographic controls');
insert into master_comp_proc (comp_proc_desc) values ('A.12.3.2 Key management');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4 Security of system files');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4.1 Control of operational Software');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4.2 Protection of system test');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4.3 Access control to program source code');
insert into master_comp_proc (comp_proc_desc) values ('A.12.5 Security in development and support process');
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.1 Change Control Procedure');
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.2 Technical Review of application after operating System ch
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.3 Restrictions on changes to software Packages');
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.4 Information Leakage');
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.5 Outsourced software development');
insert into master_comp_proc (comp_proc_desc) values ('A.12.6 Technical vulnerability management');
insert into master_comp_proc (comp_proc_desc) values ('A.12.6.1 Control of technical vulnerability');
insert into master_comp_proc (comp_proc_desc) values ('A.13 Information security Incident management');
insert into master_comp_proc (comp_proc_desc) values ('A.13.1 Reporting Information security events and weakness');
insert into master_comp_proc (comp_proc_desc) values ('A.13.1.1 Reporting Information security events');
insert into master_comp_proc (comp_proc_desc) values ('A.13.1.2 Reporting information security weakness');
insert into master_comp_proc (comp_proc_desc) values ('A.13.2 Management of information security incidents and improve
insert into master_comp_proc (comp_proc_desc) values ('A.13.2.1 Responsibilities and procedures ');
insert into master_comp_proc (comp_proc_desc) values ('A.13.2.2 Learning from information security incidents');
insert into master_comp_proc (comp_proc_desc) values ('A.13.2.3 Collection of evidence');
insert into master_comp_proc (comp_proc_desc) values ('A.14 Business continuity management');
insert into master_comp_proc (comp_proc_desc) values ('A.14.1 Information security aspects of business continuity managem
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.1 Including information security in the BCM Process');
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.2 Business continuity and risk assessment');
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.3 Developing and implementing continuity plan including in
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.4 BCP Framework');
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.5 Testing maintaining and reassessing of BCP');
insert into master_comp_proc (comp_proc_desc) values ('A.15 Compliance');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1 Compliance with legal requirements');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.1 Identification of Applicable legislations');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.2 Intellectual property rights (IPR)');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.3 Protection of organizational records');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.4 Data Protection and Privacy of personal information');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.5 Prevention and misuse of information processing facilities
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.6 Regulation of cryptographic controls');
insert into master_comp_proc (comp_proc_desc) values ('A.15.2 compliance with security policy and standards and technical
insert into master_comp_proc (comp_proc_desc) values ('A.15.2.1 Compliance with security Policy and standards');
insert into master_comp_proc (comp_proc_desc) values ('A.15.2.2 Technical compliance checking');
insert into master_comp_proc (comp_proc_desc) values ('A.15.3 Information system audit considerations');
insert into master_comp_proc (comp_proc_desc) values ('A.15.3.1 Information system audit controls');
insert into master_comp_proc (comp_proc_desc) values ('A.15.3.2 Protection of information systems audit tools');
ation security');
Normal
Abnormal
Emergency
Legal requirement
Interested party concern
insert into master_comp_proc (comp_proc_desc) values ('Normal');
insert into master_comp_proc (comp_proc_desc) values ('Abnormal');
insert into master_comp_proc (comp_proc_desc) values ('Emergency');
insert into master_comp_proc (comp_proc_desc) values ('Legal requirement');
insert into master_comp_proc (comp_proc_desc) values ('Interested party concern');

Hourglass Workout Program by Luisagiuliet 2
76% (21)
Hourglass Workout Program by Luisagiuliet 2
51 pages
12 Week Program: Summer Body Starts Now
87% (46)
12 Week Program: Summer Body Starts Now
70 pages
Read People Like A Book by Patrick King-Edited
57% (83)
Read People Like A Book by Patrick King-Edited
12 pages
Livingood, Blake - Livingood Daily Your 21-Day Guide To Experience Real Health
77% (13)
Livingood, Blake - Livingood Daily Your 21-Day Guide To Experience Real Health
260 pages
Cheat Code To The Universe
94% (79)
Cheat Code To The Universe
34 pages
Facial Gains Guide (001 081)
91% (45)
Facial Gains Guide (001 081)
81 pages
Curse of Strahd
95% (467)
Curse of Strahd
258 pages
The Psychiatric Interview - Daniel Carlat
91% (34)
The Psychiatric Interview - Daniel Carlat
473 pages
The Borax Conspiracy
91% (57)
The Borax Conspiracy
14 pages
The Secret Language of Attraction
86% (108)
The Secret Language of Attraction
278 pages
How To Develop and Write A Grant Proposal
83% (542)
How To Develop and Write A Grant Proposal
17 pages
Penis Enlargement Secret
60% (124)
Penis Enlargement Secret
12 pages
Workbook For The Body Keeps The Score
89% (53)
Workbook For The Body Keeps The Score
111 pages
Donald Trump & Jeffrey Epstein Rape Lawsuit and Affidavits
83% (1016)
Donald Trump & Jeffrey Epstein Rape Lawsuit and Affidavits
13 pages
KamaSutra Positions
78% (69)
KamaSutra Positions
55 pages
7 Hermetic Principles
93% (30)
7 Hermetic Principles
3 pages
27 Feedback Mechanisms Pogil Key
77% (13)
27 Feedback Mechanisms Pogil Key
6 pages
Frank Hammond - List of Demons
92% (92)
Frank Hammond - List of Demons
3 pages
Phone Codes
79% (28)
Phone Codes
5 pages
36 Questions That Lead To Love
91% (35)
36 Questions That Lead To Love
3 pages
How 2 Setup Trust
97% (307)
How 2 Setup Trust
3 pages
100 Questions To Ask Your Partner
78% (36)
100 Questions To Ask Your Partner
2 pages
The 36 Questions That Lead To Love - The New York Times
91% (35)
The 36 Questions That Lead To Love - The New York Times
3 pages
Satanic Calendar
25% (56)
Satanic Calendar
4 pages
The 36 Questions That Lead To Love - The New York Times
95% (21)
The 36 Questions That Lead To Love - The New York Times
3 pages
14 Easiest & Hardest Muscles To Build (Ranked With Solutions)
100% (8)
14 Easiest & Hardest Muscles To Build (Ranked With Solutions)
27 pages
Jeffrey Epstein39s Little Black Book Unredacted PDF
75% (12)
Jeffrey Epstein39s Little Black Book Unredacted PDF
95 pages
ESDS - ISO 27017 Checklist
No ratings yet
ESDS - ISO 27017 Checklist
14 pages
1001 Songs
70% (73)
1001 Songs
1,798 pages
The 4 Hour Workweek, Expanded and Updated by Timothy Ferriss - Excerpt
23% (954)
The 4 Hour Workweek, Expanded and Updated by Timothy Ferriss - Excerpt
38 pages
Zodiac Sign & Their Most Common Addictions
63% (30)
Zodiac Sign & Their Most Common Addictions
9 pages
CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701
From Everand
CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701
Mike Chapple
5/5 (1)
Youtube Monetization Guide
No ratings yet
Youtube Monetization Guide
100 pages
ISO27001 RASCI Matrix
100% (1)
ISO27001 RASCI Matrix
9 pages
Statement of Applicability
No ratings yet
Statement of Applicability
10 pages
ISO 27001:2013 Statement of Applicability
70% (10)
ISO 27001:2013 Statement of Applicability
21 pages
IC ISO 27001 Business Continuity Checklist 10838
100% (1)
IC ISO 27001 Business Continuity Checklist 10838
8 pages
ISMS Annex A Information Security Control Checklist
No ratings yet
ISMS Annex A Information Security Control Checklist
19 pages
Iso27k Iso Iec 27002 Outline
No ratings yet
Iso27k Iso Iec 27002 Outline
4 pages
Gap Analysis Tool
No ratings yet
Gap Analysis Tool
43 pages
ISO 27001 Controls
No ratings yet
ISO 27001 Controls
20 pages
Section Sub Section 1 Security Policy
No ratings yet
Section Sub Section 1 Security Policy
12 pages
I So 7799 Audit Question
No ratings yet
I So 7799 Audit Question
12 pages
ISMS Audit
No ratings yet
ISMS Audit
12 pages
IA-Checklist - ISMS 6 Feb 2018
No ratings yet
IA-Checklist - ISMS 6 Feb 2018
41 pages
ISO 27001 Statement-of-Applicability
No ratings yet
ISO 27001 Statement-of-Applicability
12 pages
Iso Audit Question
No ratings yet
Iso Audit Question
12 pages
GAP Analysis V1
100% (1)
GAP Analysis V1
79 pages
PCI DSS v3.2 Vs ISO 27001 2013 - 160729
No ratings yet
PCI DSS v3.2 Vs ISO 27001 2013 - 160729
99 pages
ISO27002-2013 Version Change Summary
No ratings yet
ISO27002-2013 Version Change Summary
8 pages
2019 07 07 13 26 25 Information Security - Policy - Draft
No ratings yet
2019 07 07 13 26 25 Information Security - Policy - Draft
69 pages
UK Gambling Commission Security Audit
No ratings yet
UK Gambling Commission Security Audit
4 pages
ISO27k 27001 Maltego Mind Map
100% (1)
ISO27k 27001 Maltego Mind Map
51 pages
Controles Iso 27001-2013
No ratings yet
Controles Iso 27001-2013
9 pages
ISO/IEC27001:2013 Statement of Applicability: Luciano Quartarone Con Link A HTTP://WWW - Lucianoquartarone.it)
No ratings yet
ISO/IEC27001:2013 Statement of Applicability: Luciano Quartarone Con Link A HTTP://WWW - Lucianoquartarone.it)
71 pages
QGCIO Sample SoA Annd Essential 8 For Workshop
No ratings yet
QGCIO Sample SoA Annd Essential 8 For Workshop
29 pages
ISO QGCIO-Sample-SoA-annd-Essential-8-for-workshop
No ratings yet
ISO QGCIO-Sample-SoA-annd-Essential-8-for-workshop
25 pages
ISO 27002 2013 2022 MAP Annex B
No ratings yet
ISO 27002 2013 2022 MAP Annex B
12 pages
ISO27k SOA 2013 English and Spanish
No ratings yet
ISO27k SOA 2013 English and Spanish
17 pages
ISO27002 ControlsCrossCheck
No ratings yet
ISO27002 ControlsCrossCheck
3 pages
2022 - ISO Controls Checklist
No ratings yet
2022 - ISO Controls Checklist
81 pages
Iso 27001 Checklist Template: Information Security Policies
No ratings yet
Iso 27001 Checklist Template: Information Security Policies
7 pages
Ic Iso 27001 Checklist 10838 PDF
No ratings yet
Ic Iso 27001 Checklist 10838 PDF
7 pages
Iso 27001 Business Continuity Checklist
100% (1)
Iso 27001 Business Continuity Checklist
6 pages
ISOIEC 270022022 Vs ISOIEC 270022013
No ratings yet
ISOIEC 270022022 Vs ISOIEC 270022013
13 pages
Auditoria de Riesgo Tecnológico v1.0
No ratings yet
Auditoria de Riesgo Tecnológico v1.0
267 pages
ISO 27001 2013 Statement of Applicability
No ratings yet
ISO 27001 2013 Statement of Applicability
21 pages
ISO27k SOA 2013 in 5 Languages
No ratings yet
ISO27k SOA 2013 in 5 Languages
45 pages
Controls
No ratings yet
Controls
1 page
Lecture 08 BCA387&BCO327 Policies
No ratings yet
Lecture 08 BCA387&BCO327 Policies
30 pages
ISMS SOA Statement of Applicability V1.2 Teamplte
No ratings yet
ISMS SOA Statement of Applicability V1.2 Teamplte
11 pages
Doc04 - ISO 27001-2013 ISMS Manual TOP
No ratings yet
Doc04 - ISO 27001-2013 ISMS Manual TOP
19 pages
Iso 27001 Controls Checklist
100% (1)
Iso 27001 Controls Checklist
5 pages
Iso 27001 Business Continuity Checklist: Your Logo
No ratings yet
Iso 27001 Business Continuity Checklist: Your Logo
10 pages
Iso 27001
0% (1)
Iso 27001
116 pages
2 ISO 27002-2013 - Control Cross Check (EN)
No ratings yet
2 ISO 27002-2013 - Control Cross Check (EN)
2 pages
Checllist 27001 by Priti
No ratings yet
Checllist 27001 by Priti
27 pages
ISO 27001 Statement of Applicability
No ratings yet
ISO 27001 Statement of Applicability
4 pages
Statement of Applicability
No ratings yet
Statement of Applicability
22 pages
Neupart Soa Template
No ratings yet
Neupart Soa Template
5 pages
Cloud Control Framework External 241012
No ratings yet
Cloud Control Framework External 241012
16 pages
Cobit Sox Hipaa and Glba Mapping Templates
No ratings yet
Cobit Sox Hipaa and Glba Mapping Templates
5 pages
IC ISO 27001 Controls Checklist 10838
No ratings yet
IC ISO 27001 Controls Checklist 10838
6 pages
IC-ISO-27001-Controls-Checklist-10838
No ratings yet
IC-ISO-27001-Controls-Checklist-10838
3 pages
SOA 27001 Controles Aplicados
No ratings yet
SOA 27001 Controles Aplicados
16 pages
Chapter Two (1)
No ratings yet
Chapter Two (1)
28 pages
Compliance Assessment Results: A.5 Information Security Policies
No ratings yet
Compliance Assessment Results: A.5 Information Security Policies
22 pages
12 SecurityProcedure - Standard
No ratings yet
12 SecurityProcedure - Standard
27 pages
CISM Certified Information Security Manager Study Guide
From Everand
CISM Certified Information Security Manager Study Guide
Mike Chapple
4/5 (1)
CASP+ CompTIA Advanced Security Practitioner Study Guide: Exam CAS-004
From Everand
CASP+ CompTIA Advanced Security Practitioner Study Guide: Exam CAS-004
Nadean H. Tanner
No ratings yet
CompTIA CySA+ Study Guide: Exam CS0-003
From Everand
CompTIA CySA+ Study Guide: Exam CS0-003
Mike Chapple
2/5 (1)
Ecoeemmerce Course LUMS CES
No ratings yet
Ecoeemmerce Course LUMS CES
3 pages
Archiving FI Transaction Figures
No ratings yet
Archiving FI Transaction Figures
4 pages
White and Light Blue Professional Modern Health Care Presentation
No ratings yet
White and Light Blue Professional Modern Health Care Presentation
7 pages
Resume Vinay
No ratings yet
Resume Vinay
2 pages
Testing Business Ideas
No ratings yet
Testing Business Ideas
22 pages
MSSP Draft
No ratings yet
MSSP Draft
6 pages
2886140 - Poland White list register of taxpayers
No ratings yet
2886140 - Poland White list register of taxpayers
5 pages
Quectel Start Up Guide
No ratings yet
Quectel Start Up Guide
11 pages
Project Management Methodology
No ratings yet
Project Management Methodology
7 pages
Software Applications and Platforms: Ma. Donna V. Detablan
No ratings yet
Software Applications and Platforms: Ma. Donna V. Detablan
5 pages
NMH Doc Issue Plan
No ratings yet
NMH Doc Issue Plan
5 pages
The CIO's Guide To Breakthrough Portfolio Project Management Summary - Nat Eliason
No ratings yet
The CIO's Guide To Breakthrough Portfolio Project Management Summary - Nat Eliason
7 pages
M TechCSDF
No ratings yet
M TechCSDF
2 pages
Software Estimations
No ratings yet
Software Estimations
68 pages
(Ebook) Intelligent Techniques for Predictive Data Analytics by Neha Singh, Shilpi Birla, Mohd Dilshad Ansari & Neeraj Kumar Shuklapdf download
100% (2)
(Ebook) Intelligent Techniques for Predictive Data Analytics by Neha Singh, Shilpi Birla, Mohd Dilshad Ansari & Neeraj Kumar Shuklapdf download
47 pages
Google Photo
No ratings yet
Google Photo
37 pages
Bathroom Indication
No ratings yet
Bathroom Indication
4 pages
All Task Cards Req Analysis and Design Def
No ratings yet
All Task Cards Req Analysis and Design Def
6 pages
Process Design and Reengineering
No ratings yet
Process Design and Reengineering
23 pages
Rapport Ford Diagnostic Software Installation Guide
No ratings yet
Rapport Ford Diagnostic Software Installation Guide
22 pages
Customer Service - Job Description
No ratings yet
Customer Service - Job Description
2 pages
CS-PROJECT-2024-25
No ratings yet
CS-PROJECT-2024-25
37 pages
Role of Agile Team
No ratings yet
Role of Agile Team
2 pages
تقرير حاسبات دورة حياة تطوير البرمجيات
No ratings yet
تقرير حاسبات دورة حياة تطوير البرمجيات
5 pages
Prediction of Churn Probability in Ott Platform
No ratings yet
Prediction of Churn Probability in Ott Platform
24 pages
redp5744
No ratings yet
redp5744
76 pages
Elec 1 Finals Reviewer
No ratings yet
Elec 1 Finals Reviewer
2 pages
IBM Maximo Predict
No ratings yet
IBM Maximo Predict
3 pages
ACT 145 Auditing in CIS Environment Final
No ratings yet
ACT 145 Auditing in CIS Environment Final
13 pages

Query Process

Uploaded by

Query Process

Uploaded by

5 Game.

gif Security policy

You might also like