Kentucky DOI:: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
No edit summary
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''MANAGEMENT CONTROL '''<br>
'''Kentucky DOI'''<br>
<br>
<br>
'''Applicability:'''<br>
'''Applicability:'''<br>
<br>
<br>
:: Sarbanes-Oxley'''
* [[KY MANAGEMENT CONTROL:|'''MANAGEMENT CONTROL''']]
:: HIPAA
* [[KY ORGANIZATION CONTROLS:|'''ORGANIZATION CONTROLS''']]
:: GLBA
* [[KY CHANGES TO APPLICATIONS:|'''CHANGES TO APPLICATIONS''']]
:: PCI
* [[KY SYSTEM AND PROGRAM DEVELOPMENT:|'''SYSTEM AND PROGRAM DEVELOPMENT''']]
:: FISMA
* [[KY OPERATIONS:|'''OPERATIONS''']]
:: NIST SP 800-66
* [[KY PROCESSING CONTROLS:|'''PROCESSING CONTROLS''']]
:: Ditscap
* [[KY DOCUMENTATION:|'''DOCUMENTATION''']]
:: '''DOI'''
* [[KY OUTSIDE SERVICE CENTER CONTROLS:|'''OUTSIDE SERVICE CENTER CONTROLS''']]
:: Control Exception
* [[KY LOGICAL AND PHYSICAL SECURITY:|'''LOGICAL AND PHYSICAL SECURITY''']]
:: User Defined
* [[KY CONTIGENCY PLANNING:|'''CONTIGENCY PLANNING''']]
* [[KY E-BUSINESS CONTROLS:|'''E-BUSINESS CONTROLS''']]
* [[KY WIDE AREA NETWORK (WAN) AND INTERNET CONTROLS:|'''WIDE AREA NETWORK (WAN) AND INTERNET CONTROLS''']]
<br>
<br>
'''Risk Association Control Activities:'''<br>
* [[KY EXHIBIT C:|'''EXHIBIT C''']]
<br>
[[Image:Key-control.jpg]]<br>
::'''1. [[KY DOI A.1:|'''KY DOI A.1''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
<br>
[[Image:Key-control.jpg]]<br>
::'''2. [[KY DOI A.2:|'''KY DOI A.2''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
<br>
[[Image:Key-control.jpg]]<br>
::'''3. [[KY DOI A.3:|'''KY DOI A.3''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
<br>
[[Image:Key-control.jpg]]<br>
::'''4. [[KY DOI A.4:|'''KY DOI A.4''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
<br>
[[Image:Key-control.jpg]]<br>
::'''5. [[KY DOI A.5:|'''KY DOI A.5''']] Is there an IS steering committee or other evidence that top management is involved in the IS function and, if so, who are the members? Please provide copies of the steering committee meeting minutes or other evidence (e.g., memos or agendas) of steering committee meetings held during the period under review.'''<br>
<br>
'''Implementation Guide:'''<br>
Section A – No scoping note included, as completion of this section is required for all companies.<br>
<br>
'''Supplemental Information:'''<br>
* [[Media:KY DOI.doc]]<br>


--[[User:Mdpeters|Mdpeters]] 08:26, 23 June 2006 (EDT)
--[[User:Mdpeters|Mdpeters]] 08:26, 23 June 2006 (EDT)

Latest revision as of 20:14, 25 June 2006