Search results
Jump to navigation
Jump to search
Page title matches
- ==Information Security Policy== ==Information security policy document== ...8 KB (1,063 words) - 13:25, 23 May 2007
- ...d Classification Policy:|'''Sample Asset Identification and Classification Policy''']]<br> :The Asset Identification and Classification Policy defines objectives for establishing specific standards to define, identify, ...3 KB (404 words) - 14:53, 25 July 2006
- ...sification Policy:|'''Sample HIPAA Asset Identification and Classification Policy''']]<br> :The Asset Identification and Classification Policy is required to comply with HIPAA (Subpart C Section 164.308(a)1C,2 and Sect ...5 KB (614 words) - 16:46, 25 July 2006
- ...s that wish to exceed GLBA requirements and establish a more comprehensive Policy Framework.<br> ...ssification Policy:|'''Sample GLBA Asset Identification and Classification Policy''']]<br> ...4 KB (535 words) - 16:51, 25 July 2006
- ...s on an annual basis. This section provides access to Information Security Policy Framework templates (for example, policies and standards) that are needed t '''SOX Policy Sample Library'''<br> ...1 KB (204 words) - 13:03, 14 July 2006
- ...ogy Security Policy:|'''Sample Information Systems and Technology Security Policy''']]<br> :The Sample Information Systems and Technology Security Policy serves as the top level document setting the holistic tone for the subseque ...4 KB (581 words) - 17:06, 30 December 2013
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...5 KB (673 words) - 18:16, 14 January 2014
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...3 KB (389 words) - 17:40, 14 January 2014
- ...would reflect adversely on Company, can be considered a violation of this policy.<br> ...ipment constitutes expressed consent by those covered by the scope of this policy to such monitoring, recording, and auditing. Actual or suspected misuse of ...3 KB (464 words) - 17:48, 14 January 2014
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...3 KB (418 words) - 19:53, 14 January 2014
- ...' (the "Company") [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] defines objectives for establishing specific standards on the appropri ...stablished in the [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] ...8 KB (1,184 words) - 14:12, 1 May 2010
- ==Guidance Towards Establishing an Enterprise Wide Open-Source Usage Policy== A well-defined, supported, enforced management policy maximizes the rewards and minimizes the risks of the open-source software m ...11 KB (1,601 words) - 12:58, 10 April 2007
- ...tion and Classification Policy:|'''Asset Identification and Classification Policy''']].<br> ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...3 KB (365 words) - 19:25, 14 January 2014
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...2 KB (230 words) - 19:16, 14 January 2014
- ...been granted access to Company information or systems, are covered by this policy and must comply with associated standards and guidelines.<br> ...ementation, and maintenance of the Asset Identification and Classification Policy and associated standards and guidelines.<br> ...8 KB (1,068 words) - 17:23, 16 October 2009
- ==Sample Information Systems and Technology Security Policy== This Information Systems and Technology Security Policy define Company objectives for establishing specific standards on the protec ...4 KB (465 words) - 15:46, 13 January 2014
Page text matches
- ...of regulatory compliance solutions through the establishment of effective policy and standards.<br> ...lse: Security can be communicated, taught, or measured effectively without policy.'''<br> ...2 KB (318 words) - 16:08, 3 August 2006
- ...of regulatory compliance solutions through the establishment of effective policy and standards.<br> ...lse: Security can be communicated, taught, or measured effectively without policy.'''<br> ...2 KB (322 words) - 16:10, 3 August 2006
- ...d Classification Policy:|'''Sample Asset Identification and Classification Policy''']]<br> :The Asset Identification and Classification Policy defines objectives for establishing specific standards to define, identify, ...3 KB (404 words) - 14:53, 25 July 2006
- ...s on an annual basis. This section provides access to Information Security Policy Framework templates (for example, policies and standards) that are needed t '''SOX Policy Sample Library'''<br> ...1 KB (204 words) - 13:03, 14 July 2006
- ...curity (and privacy) of customer information. This section provides sample Policy Framework templates (for example, policies and standards) that are needed t '''GLBA Policy Sample Library'''<br> ...2 KB (263 words) - 12:52, 14 July 2006
- ...sification Policy:|'''Sample HIPAA Asset Identification and Classification Policy''']]<br> :The Asset Identification and Classification Policy is required to comply with HIPAA (Subpart C Section 164.308(a)1C,2 and Sect ...5 KB (614 words) - 16:46, 25 July 2006
- :::a. [[SOX.2.0.17:|'''SOX.2.0.17''']] An information security policy exists and has been approved by an appropriate level of executive managemen Obtain a copy of the organization’s security policy and evaluate the effectiveness. Points to be taken into consideration inclu ...3 KB (351 words) - 16:49, 25 June 2006
- :'''Establish, publish, maintain, and disseminate a security policy that:'''<br> :* Read the information security policy, and verify the policy is published and disseminated to all relevant system users (including vendo ...2 KB (281 words) - 14:46, 2 March 2007
- ...s that wish to exceed GLBA requirements and establish a more comprehensive Policy Framework.<br> ...ssification Policy:|'''Sample GLBA Asset Identification and Classification Policy''']]<br> ...4 KB (535 words) - 16:51, 25 July 2006
- :'''Establish, publish, maintain, and disseminate a security policy that:'''<br> :* Read the information security policy, and verify the policy is published and disseminated to all relevant system users (including vendo ...2 KB (296 words) - 14:47, 2 March 2007
- ...s to support the protection objectives established in the Asset Protection Policy.<br> ...s to support the protection objectives established in the Asset Protection Policy.<br> ...5 KB (597 words) - 15:27, 16 November 2006
- ==Sample Information Systems and Technology Security Policy== This Information Systems and Technology Security Policy define Company objectives for establishing specific standards on the protec ...4 KB (465 words) - 15:46, 13 January 2014
- :'''Establish, publish, maintain, and disseminate a security policy that:'''<br> :* Read the information security policy, and verify the policy is published and disseminated to all relevant system users (including vendo ...2 KB (294 words) - 14:46, 2 March 2007
- ...he templates from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain '''HIPAA Policy Sample Library'''<br> ...2 KB (260 words) - 13:17, 15 June 2007
- ...s to support the protection objectives established in the Asset Protection Policy.<br> ...s to support the protection objectives established in the Asset Protection Policy.<br> ...4 KB (512 words) - 12:05, 25 July 2006
- ...rter and supporting policies that are required to comply with ISO Security Policy objectives.<br> ...formation Security Program Charter is required to comply with ISO Security Policy objectives and serves as the capstone document for the Information Security ...2 KB (202 words) - 12:40, 15 June 2007
- ==Sample End User Computing and Technology Policy== The End User Computing and Technology Policy define the Company objectives for establishing specific standards on approp ...4 KB (507 words) - 14:58, 21 January 2014
- ..."Company) [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']] defines objectives for establishing a formal Security Awareness Progra ...Policy''']] builds on the objectives established in the Security Awareness Policy, and provides specific instructions and requirements for providing security ...5 KB (662 words) - 17:54, 25 July 2006
- ...objectives established in the Asset Protection Policy and Asset Management Policy.<br> ...bjectives and builds on the objectives established in the Asset Management Policy by providing specific requirements and instructions for life cycle manageme ...5 KB (613 words) - 18:14, 25 July 2006
- ==Information Security Policy== ==Information security policy document== ...8 KB (1,063 words) - 13:25, 23 May 2007
- ...vices is performed in accordance with the organization’s vendor management policy.<br> ...vices is performed in accordance with the organization’s vendor management policy. .<br> ...2 KB (306 words) - 18:32, 14 June 2006
- ...vices is performed in accordance with the organization's vendor management policy.<br> 1. Obtain the organization’s vendor management policy and discuss with those responsible for third-party service management if th ...2 KB (295 words) - 15:40, 25 June 2006
- ...the objectives established in the Asset Identification and Classification Policy.<br> ...the objectives established in the Asset Identification and Classification Policy by providing specific requirements for classifying information assets.<br> ...1 KB (159 words) - 17:08, 25 July 2006
- ...he templates from the Best Practice Policy Framework library (for example, policy and standards controls)that are needed to create, implement, and maintain a '''ISO 17799 Policy Sample Library'''<br> ...8 KB (1,023 words) - 17:25, 24 October 2006
- ...r needs delivered in minutes? Take a look at [http://policymachine.com The Policy Machine - a Lazarus Alliance service.]<br> == Adaptive Policy Best Practices == ...5 KB (705 words) - 11:39, 30 May 2015
- ...standards has been developed that supports the objectives of the security policy. ...r the standards framework effectively meets the objectives of the security policy. ...3 KB (360 words) - 16:59, 25 June 2006
- ...distributed media including that distributed to individuals, and that this policy requires the following: ...2 KB (295 words) - 14:23, 2 March 2007
- ...' (the "Company") [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] defines objectives for establishing specific standards on the appropri ...violations to the [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] and its associated standards.<br> ...6 KB (857 words) - 12:22, 19 July 2007
- ::* Obtain and review the policy requiring updates to anti-virus software and definitions. ...hat the logs are being retained in accordance with the company’s retention policy. ...1 KB (199 words) - 18:10, 28 February 2007
- ...distributed media including that distributed to individuals, and that this policy requires the following: ...2 KB (307 words) - 14:24, 2 March 2007
- ...nd prevent the use of unauthorized software. Obtain and review the company policy as it relates to software use to see that this is clearly articulated. ...ns and computers to determine if they are in conformance with organization policy. ...2 KB (314 words) - 18:27, 25 June 2006
- ...would reflect adversely on Company, can be considered a violation of this policy.<br> ...ipment constitutes expressed consent by those covered by the scope of this policy to such monitoring, recording, and auditing. Actual or suspected misuse of ...3 KB (464 words) - 17:48, 14 January 2014
- ...storage and maintenance of hardcopy and electronic media, and verify this policy requires periodic media inventories. Verify related processes by performing ...2 KB (310 words) - 14:28, 2 March 2007
- ..."Company) [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']] defines objectives for establishing a formal Security Awareness Progra ...ed in the [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']], and provides specific instructions and requirements for providing sec ...6 KB (752 words) - 14:02, 1 May 2010
- ...ication_and_Classification_Policy:|Asset Identification and Classification Policy]], and provides specific instructions and requirements for handling informa ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...2 KB (258 words) - 16:26, 24 September 2014
- ...tablished in the [[Sample_Security_Awareness_Policy:|'''Security Awareness Policy''']], and provides specific instructions and requirements for providing ong ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...2 KB (275 words) - 17:10, 23 January 2014
- ...ogy Security Policy:|'''Sample Information Systems and Technology Security Policy''']]<br> :The Sample Information Systems and Technology Security Policy serves as the top level document setting the holistic tone for the subseque ...4 KB (581 words) - 17:06, 30 December 2013
- ...tion and Classification Policy:|'''Asset Identification and Classification Policy''']].<br> ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...3 KB (365 words) - 19:25, 14 January 2014
- :::* Obtain and review the policy requiring updates to anti-virus software and definitions. ...hat the logs are being retained in accordance with the company’s retention policy. ...2 KB (333 words) - 18:15, 28 February 2007
- Job descriptions, employment agreements, and policy awareness acknowledgements increase accountability for security. Management ...or desktop and workstation users would typically review the acceptable-use policy and include issues like desktop security, log-on requirements, password adm ...10 KB (1,327 words) - 12:54, 10 April 2007
- '''PO 6.4 Policy Rollout'''<br> ISO 17799 3.1 Information security policy.<br> ...3 KB (420 words) - 14:06, 8 August 2006
- ..."Company) [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']] defines objectives for establishing a formal Security Awareness Progra ...ed in the [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']], and provides specific instructions and requirements for providing sec ...10 KB (1,206 words) - 14:05, 1 May 2010
- ...ael S. Baum, Federal Certification Authority Liability and Policy: Law and Policy of Certificate-Based Public Key and Digital Signatures 9 (National Institut ...1 KB (144 words) - 12:26, 16 October 2014
- ...s. Information Security standards provide more measurable guidance in each policy area. Information Security procedures describe how to implement the standar ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...2 KB (316 words) - 15:19, 13 January 2014
- ...uration file enforcing the password parameters as defined by the corporate policy document: '''Technical Standard – Access Controls.'''<br> <p><font color=#008000>Passwords on all platforms adhere to the corporate policy document: '''Technical Standard – Access Controls.'''</font></p><br> ...3 KB (405 words) - 00:10, 13 June 2006
- ...cknowledge in writing they have read and understood the company’s security policy and procedures.''' ISO 3.1 Information security policy<br> ...2 KB (333 words) - 16:42, 5 May 2006
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...2 KB (230 words) - 19:16, 14 January 2014
- ...tion_and_Classification_Policy:|'''Asset Identification and Classification Policy''']], and provides specific instructions and requirements for classifying i ...e not to exceed five (5) years unless otherwise required by law or Company policy.<br> ...5 KB (583 words) - 17:44, 23 January 2014
- ...ss, legal, and/or regulatory purposes, as documented in the data retention policy.'''<br> ...3 KB (420 words) - 14:46, 28 February 2007
- == Requirement 12: Maintain a policy that addresses information security. == *A strong security policy sets the security tone for the whole company, and lets employees know what ...7 KB (988 words) - 19:11, 7 July 2006
- ...dard builds on the objectives established in the [[Sample Asset Protection Policy:|'''Sample Asset Protection Standard''']], and provides specific auditing a ### Change security policy or configuration settings ...3 KB (444 words) - 20:12, 15 January 2014
- ISO 17799 3.1 Information security policy.<br> ISO 17799 12.2 Reviews of security policy and technical compliance.<br> ...3 KB (377 words) - 14:55, 1 May 2006
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...2 KB (295 words) - 15:20, 13 January 2014
- ...in a set of policies to support IT strategy. These policies should include policy intent, roles and responsibilities, exception process, compliance approach * ISO 17799 3.1 Information security policy 6.1 Security in job definition and resourcing.<br> ...3 KB (421 words) - 18:02, 23 June 2006
- This Asset Protection Policy defines Company objectives for establishing specific standards on the prote ...been granted access to Company information or systems, are covered by this policy and must comply with associated standards and guidelines.<br> ...10 KB (1,314 words) - 18:06, 15 March 2009
- ...al review of the code-based policies is recommended. Without a P3P Privacy Policy in place, a site’s cookies could be blocked or impaired by Internet Explore ...2 KB (251 words) - 09:52, 16 September 2011
- ISO 17799 3.1 Information security policy.<br> ISO 12.2 Reviews of security policy and technical compliance.<br> ...3 KB (442 words) - 18:58, 1 May 2006
- ...' Protecting Special Access Program Information Within Information Systems policy excerpt: [[Media:JAFAN_6_3.pdf]]<br> :Discusses how computer security funds should be allotted into various areas: policy, awareness and training, risk assessment, technology, and process.<br> ...6 KB (839 words) - 16:22, 23 April 2007
- ===Compliance Oriented Policy Samples=== :1. [[Security_Policy:|'''ISO Security Policy''']]<br> ...6 KB (774 words) - 12:41, 25 May 2007
- ...Company") [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']] defines objectives for establishing a formal Security Awareness Progra ...ed in the [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']], and provides specific instructions and requirements for providing app ...5 KB (728 words) - 14:07, 1 May 2010
- ...t. Any accounts that remain should be investigated as they are most likely policy violations and a breakdown in the segregation of duties has occurred.<br> ...to current system accounts should be investigated as they are most likely policy violations and the result of a breakdown with segregation of duties or poss ...3 KB (459 words) - 17:56, 21 June 2006
- *[[Network security policy]] ...1 KB (168 words) - 18:26, 14 June 2007
- ...' (the "Company") [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] defines objectives for establishing specific standards on the appropri ...stablished in the [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']], and provides specific instructions and requirements on the proper and ...7 KB (953 words) - 14:13, 1 May 2010
- The '''<Your Company Name>''' (the "Company") [[Sample Asset Management Policy:|'''Sample Asset Management Standard''']] defines objectives for establishi ...dard builds on the objectives established in the [[Sample Asset Management Policy:|'''Sample Asset Management Standard''']], and provides specific instructio ...9 KB (1,213 words) - 13:20, 9 March 2009
- ...ss, legal, and or regulatory purposes, as documented in the data retention policy.]]<br> ...4 KB (635 words) - 11:52, 28 March 2008
- ==Business Continuity Management Policy Samples== ...ished in the Asset Protection Policy, and Threat Assessment and Monitoring Policy.<br> ...9 KB (1,274 words) - 00:17, 1 June 2007
- ...ting that they have read and understood the company’s information security policy. ...2 KB (278 words) - 20:07, 2 March 2007
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...3 KB (389 words) - 17:40, 14 January 2014
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...5 KB (683 words) - 18:18, 23 January 2014
- ...review and approval of appropriate organization-wide information security policy<br> ...rity policy, including external review as appropriate, and updating of the policy as needed<br> ...8 KB (996 words) - 12:49, 22 May 2007
- :'''Ensure the security policy and procedures clearly define information security responsibilities for all ...2 KB (265 words) - 15:58, 2 March 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (284 words) - 15:49, 2 March 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (286 words) - 15:19, 2 March 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (284 words) - 15:51, 2 March 2007
- :::a. [[SOX.2.0.17:|'''SOX.2.0.17''']] An information security policy exists and has been approved by an appropriate level of executive managemen ...standards has been developed that supports the objectives of the security policy. ...10 KB (1,333 words) - 17:44, 25 June 2006
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (285 words) - 15:50, 2 March 2007
- ==Guidance Towards Establishing an Enterprise Wide Open-Source Usage Policy== A well-defined, supported, enforced management policy maximizes the rewards and minimizes the risks of the open-source software m ...11 KB (1,601 words) - 12:58, 10 April 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (288 words) - 15:39, 2 March 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (291 words) - 15:35, 2 March 2007
- ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...3 KB (418 words) - 19:53, 14 January 2014
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (295 words) - 15:33, 2 March 2007
- ...gy. The Information Security Committee is comprised of lawyers, government policy and management professionals, information technology and security professio ...advice on the how and why of auditing firewalls, including a discussion of policy, design, audit, and tools.<br> ...10 KB (1,527 words) - 12:47, 25 April 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (290 words) - 15:52, 2 March 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (295 words) - 15:53, 2 March 2007
- :* Obtain the periodic media destruction policy and verify it covers all media with cardholder data. ...2 KB (298 words) - 14:33, 2 March 2007
- ...ether they have been reexamined. Obtain the organization’s access security policy and discuss with those responsible whether they follow such standards and g ...2 KB (304 words) - 19:56, 25 June 2006
- ...and documented in accordance with the organization's information security policy.<br> * Act in accordance with the organization's information security policy, including execution of processes or activities particular to the individua ...10 KB (1,387 words) - 14:04, 22 May 2007
- '''PO 6.1 IT Policy and Control Environment'''<br> * ISO 17799 3.1 Information security policy.<br> ...4 KB (580 words) - 18:00, 23 June 2006
- :::'''PCI-4.2 B:''' Verify existence of a policy stating that cardholder data is not to be sent via unencrypted emails.<br> ...2 KB (299 words) - 17:50, 28 February 2007
- ::'''PCI-7.1:''' Obtain the written policy for data control, and determine that it includes the following:<br> ...2 KB (314 words) - 14:09, 1 March 2007
- ...he "Company") [[Sample Asset Protection Policy:|'''Sample Asset Protection Policy''']] defines objectives for establishing specific standards for protecting ...lished in the [[Sample Asset Protection Policy:|'''Sample Asset Protection Policy''']], and provides specific instructions and requirements for proper contro ...7 KB (976 words) - 14:17, 1 May 2010
- ...' (the "Company") [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] defines objectives for establishing specific standards on the appropri ...stablished in the [[Sample Acceptable Use Policy:|'''Sample Acceptable Use Policy''']] ...8 KB (1,184 words) - 14:12, 1 May 2010
- ...objectives and support the objectives established in the Asset Protection Policy.<br> ...bjectives and builds on the objectives established in the Asset Protection Policy by providing specific requirements for physical access to information asset ...4 KB (592 words) - 19:28, 14 June 2007
- ...onsider if they have been configured in accordance with the organization’s policy. ...2 KB (315 words) - 18:38, 25 June 2006
- :* Obtain the periodic media destruction policy and verify it covers all media with cardholder data. ...2 KB (323 words) - 14:31, 2 March 2007
- :* Obtain and examine the modem usage policy and verify that it specifies and or requires: ...2 KB (311 words) - 15:54, 2 March 2007
- ...sessment and Monitoring Policy:|'''Sample Threat Assessment and Monitoring Policy''']] defines objectives for establishing specific standards on the assessme ...sessment and Monitoring Policy:|'''Sample Threat Assessment and Monitoring Policy''']], and provides specific instructions and requirements for assessing and ...8 KB (1,149 words) - 14:09, 1 May 2010
- ...pled system components. To verify that each user is authorized per company policy, perform the following:'''<br> ...3 KB (345 words) - 14:24, 1 March 2007
- ...to current system accounts should be investigated as they are most likely policy violations and the result of a breakdown with segregation of duties or poss ...2 KB (281 words) - 01:30, 2 May 2006
- ...been granted access to Company information or systems, are covered by this policy and must comply with associated standards and guidelines.<br> ...ementation, and maintenance of the Asset Identification and Classification Policy and associated standards and guidelines.<br> ...8 KB (1,068 words) - 17:23, 16 October 2009