|
|
| (6 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| '''MANAGEMENT CONTROL '''<br> | | '''Kentucky DOI'''<br> |
| <br> | | <br> |
| '''Applicability:'''<br> | | '''Applicability:'''<br> |
| <br> | | <br> |
| :: Sarbanes-Oxley''' | | * [[KY MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']] |
| :: HIPAA | | * [[KY ORGANIZATION CONTROLS:|'''ORGANIZATION CONTROLS''']] |
| :: GLBA | | * [[KY CHANGES TO APPLICATIONS:|'''CHANGES TO APPLICATIONS''']] |
| :: PCI | | * [[KY SYSTEM AND PROGRAM DEVELOPMENT:|'''SYSTEM AND PROGRAM DEVELOPMENT''']] |
| :: FISMA | | * [[KY OPERATIONS:|'''OPERATIONS''']] |
| :: NIST SP 800-66 | | * [[KY PROCESSING CONTROLS:|'''PROCESSING CONTROLS''']] |
| :: Ditscap | | * [[KY DOCUMENTATION:|'''DOCUMENTATION''']] |
| :: '''DOI''' | | * [[KY OUTSIDE SERVICE CENTER CONTROLS:|'''OUTSIDE SERVICE CENTER CONTROLS''']] |
| :: Control Exception | | * [[KY LOGICAL AND PHYSICAL SECURITY:|'''LOGICAL AND PHYSICAL SECURITY''']] |
| :: User Defined | | * [[KY CONTIGENCY PLANNING:|'''CONTIGENCY PLANNING''']] |
| | * [[KY E-BUSINESS CONTROLS:|'''E-BUSINESS CONTROLS''']] |
| | * [[KY WIDE AREA NETWORK (WAN) AND INTERNET CONTROLS:|'''WIDE AREA NETWORK (WAN) AND INTERNET CONTROLS''']] |
| <br> | | <br> |
| '''Risk Association Control Activities:'''<br>
| | * [[KY EXHIBIT C:|'''EXHIBIT C''']] |
| <br>
| |
| [[Image:Key-control.jpg]]<br>
| |
| ::'''1. [[KY DOI A.1:|'''KY DOI A.1''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
| |
| <br>
| |
| [[Image:Key-control.jpg]]<br>
| |
| ::'''2. [[KY DOI A.2:|'''KY DOI A.2''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
| |
| <br>
| |
| [[Image:Key-control.jpg]]<br>
| |
| ::'''3. [[KY DOI A.3:|'''KY DOI A.3''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
| |
| <br>
| |
| [[Image:Key-control.jpg]]<br>
| |
| ::'''4. [[KY DOI A.4:|'''KY DOI A.4''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
| |
| <br>
| |
| [[Image:Key-control.jpg]]<br>
| |
| ::'''5. [[KY DOI A.5:|'''KY DOI A.5''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
| |
| <br>
| |
| '''Implementation Guide:'''<br>
| |
| <br>
| |
| Section A – No scoping note included, as completion of this section is required for all companies.
| |
| <br>
| |
| '''Supplemental Information:'''<br>
| |
| <br>
| |
| * [[Media:KY DOI.doc]]<br>
| |
|
| |
|
| --[[User:Mdpeters|Mdpeters]] 08:26, 23 June 2006 (EDT) | | --[[User:Mdpeters|Mdpeters]] 08:26, 23 June 2006 (EDT) |