Search results

...tablished in the [[Sample_Security_Awareness_Policy:|'''Security Awareness Policy''']], and provides specific instructions and requirements for providing ong ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...

...ogy Security Policy:|'''Sample Information Systems and Technology Security Policy''']]<br> :The Sample Information Systems and Technology Security Policy serves as the top level document setting the holistic tone for the subseque ...

...tion and Classification Policy:|'''Asset Identification and Classification Policy''']].<br> ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...

:::* Obtain and review the policy requiring updates to anti-virus software and definitions. ...hat the logs are being retained in accordance with the company’s retention policy. ...

Job descriptions, employment agreements, and policy awareness acknowledgements increase accountability for security. Management ...or desktop and workstation users would typically review the acceptable-use policy and include issues like desktop security, log-on requirements, password adm ...

'''PO 6.4 Policy Rollout'''<br> ISO 17799 3.1 Information security policy.<br> ...

..."Company) [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']] defines objectives for establishing a formal Security Awareness Progra ...ed in the [[Sample Security Awareness Policy:|'''Sample Security Awareness Policy''']], and provides specific instructions and requirements for providing sec ...

...ael S. Baum, Federal Certification Authority Liability and Policy: Law and Policy of Certificate-Based Public Key and Digital Signatures 9 (National Institut ...

...s. Information Security standards provide more measurable guidance in each policy area. Information Security procedures describe how to implement the standar ...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...

...www.lazarusalliance.com/horsewiki/index.php/HIPAA_Policy_References: HIPAA Policy References]<br> ...

...uration file enforcing the password parameters as defined by the corporate policy document: '''Technical Standard – Access Controls.'''<br> <p><font color=#008000>Passwords on all platforms adhere to the corporate policy document: '''Technical Standard – Access Controls.'''</font></p><br> ...

...cknowledge in writing they have read and understood the company’s security policy and procedures.''' ISO 3.1 Information security policy<br> ...

...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...

...tion_and_Classification_Policy:|'''Asset Identification and Classification Policy''']], and provides specific instructions and requirements for classifying i ...e not to exceed five (5) years unless otherwise required by law or Company policy.<br> ...

...ss, legal, and/or regulatory purposes, as documented in the data retention policy.'''<br> ...

== Requirement 12: Maintain a policy that addresses information security. == *A strong security policy sets the security tone for the whole company, and lets employees know what ...

...dard builds on the objectives established in the [[Sample Asset Protection Policy:|'''Sample Asset Protection Standard''']], and provides specific auditing a ### Change security policy or configuration settings ...

ISO 17799 3.1 Information security policy.<br> ISO 17799 12.2 Reviews of security policy and technical compliance.<br> ...

...ly customizable versions are available from [http://policy-machine.com The Policy Machine].<br> ...

...in a set of policies to support IT strategy. These policies should include policy intent, roles and responsibilities, exception process, compliance approach * ISO 17799 3.1 Information security policy 6.1 Security in job definition and resourcing.<br> ...