Search results
Jump to navigation
Jump to search
Page title matches
- ==Personnel Security== ...rs grant legitimate users system access necessary to perform their duties; security personnel enforce access rights in accordance with institution standards. B ...10 KB (1,327 words) - 12:54, 10 April 2007
- ==Security Management== ...ITIL Security Management is based on the code of practice for information security management also known as ISO/IEC 17799. ...32 KB (4,804 words) - 14:10, 27 February 2009
- =='''Logical Security'''== ...n a computer network or a computer workstation. It is a subset of computer security.<br> ...7 KB (1,093 words) - 19:00, 5 March 2007
- ==Data Security== The primary objective of information security is to protect the confidentiality, integrity, and availability of the insti ...9 KB (1,246 words) - 18:20, 10 April 2007
- ==Information Security Policy== ...is category is to provide management direction and support for information security in accordance with business requirements and all relevant laws, regulations ...8 KB (1,063 words) - 13:25, 23 May 2007
- ...tackers are unlikely to find them. The technique stands in contrast with [[security by design]], although many real-world projects include elements of both str ...aphy was disturbing to the US government, which seems to have been using a security through obscurity analysis to support its opposition to such work. ...11 KB (1,798 words) - 14:44, 14 June 2007
- ...years of testing and debugging, and while they may provide a great deal of security, they typically have no way to guarantee that a new bug or exploit won't be ...ty through obscurity|rely on being secret]]. It is not mandatory, but good security usually means that everyone is allowed to know and understand the design, ' ...2 KB (343 words) - 18:39, 14 June 2007
- ==Organizational Security== ...ogram Charter and supporting policies that are required to comply with ISO Security Policy objectives.<br> ...2 KB (202 words) - 12:40, 15 June 2007
- ...report lock down''', a '''credit lock down''', a '''credit lock''' or a '''security freeze''', allows an individual to control how a U.S. consumer reporting ag * [http://www.consumersunion.org/campaigns/learn_more/003484indiv.html State Security Freeze Laws], ConsumerUnion.org ...4 KB (663 words) - 12:59, 12 November 2011
- ==Security Audit Guidance== For security audit guidance, please refer to [[Audit_Guidance_Examination_Procedures | A ...5 KB (665 words) - 14:40, 11 April 2007
- ==Physical and Environmental Security== '''Physical security''' describes measures that prevent or deter attackers from accessing a faci ...4 KB (592 words) - 19:28, 14 June 2007
- ==Information Security Audit== ...rom auditing the physical security of data centers to the auditing logical security of databases and highlights key components to look for and different method ...21 KB (3,112 words) - 16:52, 15 June 2007
- ==Security Controls Implementation== [[Personnel Security:]]<br> ...431 bytes (45 words) - 13:31, 10 April 2007
- The objective of this category is to manage information security within the organization's overall administrative structure.<br> ===Management commitment to information security=== ...8 KB (996 words) - 12:49, 22 May 2007
- ...e defined and documented in accordance with the organization's information security policy.<br> * Act in accordance with the organization's information security policy, including execution of processes or activities particular to the in ...10 KB (1,387 words) - 14:04, 22 May 2007
- ...ses primarily out of [[ISO/IEC 17799]], a code of practice for information security management published by the [[International Organization for Standardizatio ...pts. ISM3 can be used as a template to make ISO 9001 compliant information security management systems. While ISO 27001 is controls based, ISM3 is process base ...2 KB (257 words) - 17:09, 22 March 2007
- ==Sources of standards for Information Security== ...n Security Management System]]s" are of particular interest to information security professionals.<br> ...2 KB (287 words) - 14:29, 8 March 2007
- ==Sample Security Awareness Standard== ...ation of the [[Sample Information Security Program Charter:|'''Information Security Program Charter''']]. and associated policies, standards, guidelines, and p ...3 KB (418 words) - 19:53, 14 January 2014
- 2 KB (382 words) - 20:24, 27 February 2008
- ...security practices for such systems. It requires the creation of computer security plans, and the appropriate training of system users or owners where the sys It has been superseded by the [[FISMA | Federal Information Security Management Act of 2002]] ...1 KB (168 words) - 11:37, 23 May 2010
Page text matches
- ==Security Controls Implementation== [[Personnel Security:]]<br> ...431 bytes (45 words) - 13:31, 10 April 2007
- ==Organizational Security== ...ogram Charter and supporting policies that are required to comply with ISO Security Policy objectives.<br> ...2 KB (202 words) - 12:40, 15 June 2007
- :Pointers to informative books on information security.<br> :Frequently asked questions and answers about security-related topics.<br> ...1,015 bytes (132 words) - 14:09, 8 March 2007
- ==Sample Employee Ongoing Security Awareness Standard== ...and provides specific instructions and requirements for providing ongoing security awareness education and training for Company employees. ...2 KB (275 words) - 17:10, 23 January 2014
- ==Federal information security incident center== ...— The Director shall ensure the operation of a central Federal information security incident center to—<br> ...1 KB (196 words) - 19:07, 3 June 2010
- =='''Information Security Research Resources'''== ...-leading published articles, research reports, and presentations from many security professionals. Topics include public key infrastructure (PKI), incident res ...978 bytes (124 words) - 00:00, 26 March 2007
- ==Sources of standards for Information Security== ...n Security Management System]]s" are of particular interest to information security professionals.<br> ...2 KB (287 words) - 14:29, 8 March 2007
- ...ver authorization, authentication, nonrepudiation, data classification and security monitoring may result in inaccurate financial reporting.''' ...security standards has been developed that supports the objectives of the security policy. ...3 KB (360 words) - 16:59, 25 June 2006
- ...ses primarily out of [[ISO/IEC 17799]], a code of practice for information security management published by the [[International Organization for Standardizatio ...pts. ISM3 can be used as a template to make ISO 9001 compliant information security management systems. While ISO 27001 is controls based, ISM3 is process base ...2 KB (257 words) - 17:09, 22 March 2007
- ==National security systems== The head of each agency operating or exercising control of a national security system shall be responsible for ensuring that the agency—<br> ...709 bytes (103 words) - 10:41, 2 June 2010
- ==National security systems== The head of each agency operating or exercising control of a national security system shall be responsible for ensuring that the agency—<br> ...709 bytes (103 words) - 21:02, 3 June 2010
- *[[Computer security]] *[[Computer network security]] ...1 KB (168 words) - 18:26, 14 June 2007
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...security policies and procedures to verify that the following information security responsibilities are specifically and formally assigned: ...2 KB (303 words) - 16:00, 2 March 2007
- ...sting templates containing questions that can be used to gauge and promote security awareness in specific areas. The testing can be distributed and responses c ...ity Best Practices and Addressing Regulatory Mandates Testing Template:|'''Security Best Practices and Addressing Regulatory Mandates test Template''']]<br> ...2 KB (289 words) - 16:08, 3 August 2006
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...security policies and procedures to verify that the following information security responsibilities are specifically and formally assigned: ...2 KB (293 words) - 15:59, 2 March 2007
- :'''Assign to an individual or team the following information security management responsibilities:'''<br> ...security policies and procedures to verify that the following information security responsibilities are specifically and formally assigned: ...2 KB (296 words) - 16:02, 2 March 2007
- ...ver authorization, authentication, nonrepudiation, data classification and security monitoring may result in inaccurate financial reporting.''' ...curity plan is updated to reflect changes in the IT environment as well as security requirements of specific systems. ...2 KB (317 words) - 17:15, 25 June 2006
- ...ate and distinct security service of confidentiality is not central to the security services of signer authentication and document authentication, and is thus ...480 bytes (67 words) - 15:47, 3 April 2007
- ...de a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and ass ...dination of information security efforts throughout the civilian, national security, and law enforcement communities;<br> ...1 KB (192 words) - 10:33, 1 June 2010
- ...de a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and ass ...dination of information security efforts throughout the civilian, national security, and law enforcement communities;<br> ...1 KB (192 words) - 10:36, 1 June 2010