Beruflich Dokumente
Kultur Dokumente
• Fire Extinguishers
c
h
e
s
a
f
e
t
y
p
r
o
c
e
d
u
r
e
s
Communications and Operations Management
Operational Procedures and responsibilities:
• Documented Operating Procedures
• Change Management
• Segregation of Duties
• Management /disposal of removable media
• Information Handling Procedures
• Information Backup
Disaster Recovery
It includes the following:
• Backup Contract
• Backup Locations
• Pick Ups
• Back Up Test
Access Control: a security technique that regulates who or what can
view or use resources in a computing environment. It is a
fundamental concept in security that minimizes risk to the business
or organization
It entails:
• Access Control Policy
• User Access Management
• User Responsibility
• Operating System Access Control
• Application and Information Access Control
Network infrastructure
The hardware and software resources of an entire network that enable network
connectivity, communication, operations and management of an
enterprise network in this case Gateway Bank.
It entails:
• Network components encryption passwords
• Routing protocols
• Remote Access
• Network Time Protocol (NTP) server
• Cabling
• BYOD
• Proactive Monitoring
• SNMP configuration
• Network usage and Graphs
• VLANS
Internet:
• Internet Service Providers
• Internet Back Up
• Internet Access for Servers
• Internet Access for Employees
• Blocked sites
• Internet traffic monitoring
• Logs
Viruses
• Virus Classification
• Antivirus
• Definition Updates
• Installation and Control on LAN devices
• Proactive Prevention, Scanning and Detection
• Devices allowed within the network
Data Files
• Data Assessment
• Organizational Record Protection
• Data Lost Risk and Found Activity
• Offsite file storage.
Business Continuity
• Information security
• Business Continuity and Risk assessment
• Implementing continuity plans in bank information security
• Framework of Business continuity Plan
Compliance:Compliance with legal requirements.
• Identification of applicable legislation
• Intellectual property rights (IPR)
• Protection of Organizational Records
• Data protection and privacy of Personal Information
• Prevention of misuse of information processing facilities
• Regulation of cryptographic controls