Search results

Jump to navigation Jump to search

Page title matches

  • ==Configuration Management == ...re or software upgrade, a computer technician can access the configuration management program and database to see what is currently installed. The technician can ...
    7 KB (942 words) - 15:09, 23 March 2007
  • ==Software Configuration Management== ...re at discrete points in time and to systematically control changes to the configuration for the purpose of maintaining software integrity, traceability, and accoun ...
    22 KB (3,132 words) - 19:07, 17 April 2007
  • ==Sample Configuration Management Standard== ...e objectives established in the [[Sample_Asset_Management_Policy:|'''Asset Management Standard''']], and provides specific instructions and requirements for esta ...
    5 KB (681 words) - 21:56, 15 January 2014

Page text matches

  • '''DS 9.2 Identification and Maintenance of Configuration Items '''<br> ...rized changes, and assist in the verification and recording of the current configuration ...
    3 KB (429 words) - 18:55, 25 June 2006
  • ==Configuration Management== ...erver, or as complex as the entire IT department. In large organizations a configuration manager may be appointed to oversee and manage the CM process. ...
    4 KB (570 words) - 16:12, 23 March 2007
  • ==Configuration Management == ...re or software upgrade, a computer technician can access the configuration management program and database to see what is currently installed. The technician can ...
    7 KB (942 words) - 15:09, 23 March 2007
  • ::'''2. Risk: Insufficient configuration controls can lead to security and availability exposures that may permit un ...ct an evaluation of the frequency and timeliness of management’s review of configuration records. ...
    2 KB (324 words) - 18:46, 25 June 2006
  • Determine if the management of third-party services has been assigned to appropriate individuals.<br> ...t color=#008000>The BackupSystemAudit utility discovers and records system configuration information such as: ...
    3 KB (335 words) - 14:05, 26 February 2007
  • ==Sample Configuration Management Standard== ...e objectives established in the [[Sample_Asset_Management_Policy:|'''Asset Management Standard''']], and provides specific instructions and requirements for esta ...
    5 KB (681 words) - 21:56, 15 January 2014
  • [[DS1.1:| 1.1 Service Level Management Framework]]<br> [[DS2.2:| 2.2 Supplier Relationship Management]]<br> ...
    4 KB (538 words) - 19:08, 14 June 2007
  • '''DS 9.1 Configuration Repository and Baseline '''<br> ...rized changes, and assist in the verification and recording of the current configuration. ...
    4 KB (506 words) - 18:44, 25 June 2006
  • '''DS 10.4 Integration of Change, Configuration and Problem Management '''<br> ...ents, integrate the related processes of change, configuration and problem management. Monitor how much effort is applied to firefighting rather than enabling bu ...
    2 KB (248 words) - 17:50, 5 May 2006
  • ...upport the objectives established in the Asset Protection Policy and Asset Management Policy.<br> :1. [[Sample Life Cycle Management Standard:|'''Sample ISO Life Cycle Management Standard''']]<br> ...
    5 KB (613 words) - 18:14, 25 July 2006
  • ==Change Management== ...anges (fixes) - with minimum risk to IT infrastructure. The goal of Change Management is to ensure that standardized methods and procedures are used for efficien ...
    4 KB (588 words) - 16:23, 21 March 2007
  • ==Financial Management== ...ery section of the [[ITIL]] best practice framework. The aim of Financial Management for IT Services is to give accurate and cost effective stewardship of IT as ...
    6 KB (885 words) - 10:12, 23 March 2007
  • ==Sample Asset Management Standard== ...ard defines Company objectives for establishing specific standards for the management of the networks, systems, and applications that store, process and transmit ...
    3 KB (389 words) - 17:40, 14 January 2014
  • ==Service Desk Management== A '''Service Desk''' is a primary IT capability called for in IT Service Management (ITSM) as defined by the [[Information Technology Infrastructure Library]] ...
    4 KB (552 words) - 16:15, 20 March 2007
  • '''AI 2.5 Configuration and Implementation of Acquired Application Software'''<br> ...rized changes, and assist in the verification and recording of the current configuration. ...
    4 KB (501 words) - 18:24, 25 June 2006
  • ...) that are needed to create, implement, and maintain a best practice, risk management-based information security program.<br> ...) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br> ...
    5 KB (705 words) - 11:39, 30 May 2015
  • ...I-6.3.1:|PCI-6.3.1 Testing of all security patches and system and software configuration changes before deployment.]]<br> :'''PCI-6.4 Follow change control procedures for all system and software configuration changes.'''<br> ...
    4 KB (578 words) - 18:46, 28 February 2007
  • [[Asset Management:|'''Asset Management''']]<br> [[Communications and Operations Management:|'''Communications and Operations Management''']]<br> ...
    3 KB (378 words) - 21:27, 18 January 2015
  • <br>Ensure that security techniques and related management procedures (e.g., firewalls, security appliances, network segmentation, and ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...
    6 KB (781 words) - 12:31, 23 June 2006
  • :[[Sample Asset Management Policy:|'''Sample Asset Management Policy''']]<br> :The Asset Management Policy defines objectives for properly managing Information Technology infr ...
    3 KB (404 words) - 14:53, 25 July 2006
  • The problem management system should provide for adequate audit trail facilities that allow tracki * All associated configuration items<br> ...
    3 KB (451 words) - 17:52, 5 May 2006
  • =='''Asset Management'''== ...mation security perspective is not just about 'IT' Assets. It is about the management, control and protection of '''all''' aspects of Information / Data in whate ...
    5 KB (705 words) - 13:29, 23 May 2007
  • ...ves, or from programs, projects or service improvement initiatives. Change Management can ensure standardized methods, processes and procedures are used for all ==Change management in development projects== ...
    4 KB (523 words) - 10:24, 23 April 2010
  • :'''Description of groups, roles, and responsibilities for logical management of network components.'''<br> ...s include a description of groups, roles, and responsibilities for logical management of network components. ...
    2 KB (265 words) - 12:24, 16 June 2010
  • :'''Avoid Session Management Pitfalls:''' [[Media:session-management-security.pdf]]<br> ...actices in Configuration Management for Security:''' [[Media:configuration-management-security.pdf]] <br> ...
    6 KB (839 words) - 16:22, 23 April 2007
  • ==Software Configuration Management== ...re at discrete points in time and to systematically control changes to the configuration for the purpose of maintaining software integrity, traceability, and accoun ...
    22 KB (3,132 words) - 19:07, 17 April 2007
  • '''PO 2.4 Integrity Management'''<br> :::a. SOX.4.1.4: Passwords are required for each user. Password configuration is based on Corporate IT standards.<br> ...
    4 KB (550 words) - 14:34, 1 May 2006
  • ...d systems development methodology should be established and implemented by management. This systems development life cycle (SDLC) describes the stages involved i ...puter operations, which are periodically reviewed, updated and approved by management.<br> ...
    6 KB (804 words) - 12:14, 23 June 2006
  • ::'''PCI-6.5.10:''' Insecure configuration management.<br> ...
    3 KB (346 words) - 14:03, 1 March 2007
  • :'''PCI-2.2 Develop configuration standards for all system components. Make sure these standards address all ...rative access. Use technologies such as SSH, VPN, or SSL/TLS for web-based management and other non-console administrative access.]]<br> ...
    2 KB (283 words) - 17:00, 26 June 2006
  • == Requirement 1: Install and maintain a firewall configuration to protect data. == :'''[[PCI-1.1:|PCI-1.1 Establish firewall configuration standards that include:]]'''<br> ...
    5 KB (702 words) - 12:20, 16 June 2010
  • ...anization can clone and tailor to its unique requirements. Guidelines set configuration or procedural recommendations for the enterprise. They do not have a report :[[Sample Asset Management Policy:|'''Sample Asset Management Standard''']]<br> ...
    4 KB (581 words) - 17:06, 30 December 2013
  • ::*[[Sample Asset Management Policy:|'''Sample Asset Management Policy''']]<br> ...y Assessment and Management Policy:|'''Sample Vulnerability Assessment and Management Policy''']]<br> ...
    10 KB (1,206 words) - 14:05, 1 May 2010
  • [[AI2.5:| 2.5 Configuration and Implementation of Acquired Application Software]]<br> [[AI2.9:| 2.9 Applications Requirements Management]]<br> ...
    3 KB (341 words) - 19:07, 14 June 2007
  • ...rocedures to ensure timely and correct distribution and update of approved configuration items. This involves integrity controls; segregation of duties among those ITIL Service Support, Release Management, 9.3.6 Definitive software library.<br> ...
    3 KB (382 words) - 18:02, 3 May 2006
  • ....8''']] IDS-IPS passwords are required for each administrator ID. Password configuration is based on Corporate IT standards.<br> :a. [[SOX.2.1.5.18:|'''SOX.2.1.5.18''']] Routing protocols are approved by management.<br> ...
    7 KB (901 words) - 13:44, 23 June 2006
  • ===Management commitment to information security=== Management at all levels should actively support security within the organization with ...
    8 KB (996 words) - 12:49, 22 May 2007
  • ...4.8''']] SWITCH passwords are required for each administrator ID. Password configuration is based on Corporate IT standards.<br> :a. [[SOX.2.1.4.18:|'''SOX.2.1.4.18''']] Routing protocols are approved by management.<br> ...
    7 KB (901 words) - 13:43, 23 June 2006
  • Translate business information requirements, IT configuration, information risk action plans and information security culture into an ove ...y policy exists and has been approved by an appropriate level of executive management. ...
    10 KB (1,333 words) - 17:44, 25 June 2006
  • * Statement of general principles and management approach to the use of cryptographic controls ...ough risk assessment, that considers appropriate algorithm selections, key management and other core features of cryptographic implementations ...
    9 KB (1,170 words) - 14:05, 22 May 2007
  • ==Communications and Operations Management== ...y and cost effective service to client financial institutions. Institution management should monitor any changes in the current strategies and plans of independe ...
    19 KB (2,609 words) - 13:51, 23 May 2007
  • ==Security Management== ...urity Management is based on the code of practice for information security management also known as ISO/IEC 17799. ...
    32 KB (4,804 words) - 14:10, 27 February 2009
  • :::a. [[SOX.2.0.8:|'''SOX.2.0.8''']] IT management has established procedures across the organization to protect information s :::a. SOX.3.1.1: Management should monitor security incidents and the extent of compliance with informa ...
    8 KB (1,177 words) - 19:00, 25 June 2006
  • ...Name>''' (the "Company") [[Sample Asset Management Policy:|'''Sample Asset Management Policy''']] defines objectives for establishing specific standards for prop ...tives established in the [[Sample Asset Management Policy:|'''Sample Asset Management Policy''']], and provides specific instructions and requirements for the de ...
    12 KB (1,656 words) - 14:15, 1 May 2010
  • ...equiring expertise in accounting, fraud examination, [[forensic science]], management science, systems engineering, [[security engineering]], and [[criminology]] ...]], policies and procedures requiring such controls as regular backups and configuration hardening, employee training in security awareness, or organizing personnel ...
    7 KB (983 words) - 10:41, 15 April 2012
  • ...checking software, combined with strict change controls and configuration management. ...
    4 KB (568 words) - 17:25, 10 April 2007
  • :::a. SOX.3.1.2: The configuration of operating systems for application systems (servers) should support an ac ...rative access. Use technologies such as SSH, VPN, or SSL/TLS for web-based management and other non-console administrative access.<br> ...
    7 KB (975 words) - 16:57, 9 April 2007
  • * [[PCI 1:|'''Requirement 1: Install and maintain a firewall configuration to protect data.''']] '''Maintain a Vulnerability Management Program''' ...
    8 KB (1,208 words) - 17:00, 9 April 2007
  • =='''Sample Life Cycle Management Standard'''== ...Name>''' (the "Company") [[Sample Asset Management Policy:|'''Sample Asset Management Policy''']] defines objectives for establishing specific standards for prop ...
    16 KB (2,312 words) - 14:14, 1 May 2010
  • ...f making data unavailable should anything go wrong with data handling, key management, or the actual encryption. For example, a loss of encryption keys or other # Effective key management practices ...
    13 KB (2,019 words) - 11:46, 28 March 2008
  • ::'''(C)''' ensuring that information security management processes are integrated with agency strategic and operational planning pro :::'''(iii)''' minimally acceptable system configuration requirements, as determined by the agency; and<br> ...
    10 KB (1,576 words) - 12:50, 4 June 2010
  • ::5. All signatures and configuration of Company threat monitoring or intrusion detection technologies should be ...o attempts to deactivate, modify, or delete signatures, auditing features, configuration files, and/or audit logs.<br> ...
    12 KB (1,720 words) - 14:10, 1 May 2010
  • ::'''(C)''' ensuring that information security management processes are integrated with agency strategic and operational planning pro :::'''(iii)''' minimally acceptable system configuration requirements, as determined by the agency; and<br> ...
    11 KB (1,610 words) - 19:37, 3 June 2010
  • ...the agencies and revised, if necessary, based on examiner feedback. Senior management of each agency performed the final review and approval and then formally re :* IT Management ...
    15 KB (2,060 words) - 17:47, 15 June 2007
  • A well-defined, supported, enforced management policy maximizes the rewards and minimizes the risks of the open-source sof ===Extend vulnerability management to open-source solutions.=== ...
    11 KB (1,601 words) - 12:58, 10 April 2007
  • ...ormation Security Committee is comprised of lawyers, government policy and management professionals, information technology and security professionals, notaries ...in order to improve security. This document is about basic, "boilerplate" configuration items that are almost universally applicable in IP networks, and about a fe ...
    10 KB (1,527 words) - 12:47, 25 April 2007
  • ...browser security settings to be less restrictive than the Company-approved configuration.<br> ...cated and understood within their respective organizational units. Company management also is responsible for defining, approving, and implementing processes and ...
    8 KB (1,184 words) - 14:12, 1 May 2010
  • * Authentication and password management # Database Configuration ...
    18 KB (2,920 words) - 17:59, 18 May 2007
  • ...Name>''' (the "Company") [[Sample Asset Management Policy:|'''Sample Asset Management Policy''']] defines objectives for establishing specific standards for prop ...tives established in the [[Sample Asset Management Policy:|'''Sample Asset Management Policy''']], and provides specific instructions and requirements for follow ...
    12 KB (1,684 words) - 14:14, 1 May 2010
  • ...[information technology]] (IT) services. ITIL outlines an extensive set of management [[procedure]]s that are intended to support businesses in achieving both qu ...s (hence the term ''Library''), each of which covers a core area within IT Management. The names ''ITIL'' and ''IT Infrastructure Library'' are Registered Trade ...
    37 KB (5,348 words) - 10:12, 8 September 2011
  • Security administrators SHOULD consider issues related to privilege management for all types of users. For example, in a database with many usernames, it ...he benefits offered by roles. Roles greatly simplify the task of privilege management in complicated environments.<br> ...
    22 KB (3,612 words) - 16:20, 15 November 2007
  • ...individual keys for [[Encryption | encryption]] may raise significant key management issues. ...usiness systems. The roles of databases are many, including storing system configuration parameters and credentials, providing raw content for use in dynamic page g ...
    28 KB (4,261 words) - 11:45, 28 March 2008
  • ==Risk Management== ...ng some or all of the consequences of a particular risk. Traditional risk management focuses on risks stemming from physical or legal causes (e.g. natural disas ...
    43 KB (6,368 words) - 11:22, 4 July 2015
  • Management and information system administrators should critically evaluate informatio ...ning, and signify their understanding and agreement with the policy before management grants access to the system.<br> ...
    78 KB (11,440 words) - 02:00, 10 April 2007
  • '''Account management''' ...ies (e.g., general ledger, manufacturing resource planning, human resource management). ...
    74 KB (11,078 words) - 13:08, 9 April 2007
  • ** The policies and procedures must reference management oversight and organizational buy-in to compliance with the documented secur ...ation technology documentation should also include a written record of all configuration settings on the components of the network because these components are comp ...
    32 KB (4,732 words) - 19:36, 29 November 2013
  • ...own. Browsers, mail readers, chat clients, and other programs leave behind configuration files that might reveal online nicknames and passwords. Operating systems a ...h warrant into an unconstitutional general warrant. United States v. Fleet Management Ltd., 521 F. Supp. 2d 436, 443-44 (E.D. Pa. 2007); see also Otero, 563 F.3d ...
    138 KB (21,660 words) - 13:18, 5 August 2011