Search results
Jump to navigation
Jump to search
Page title matches
- =='''Technical Standards Guides'''== ...iled descriptions and explanations. This section provides sample technical standards guides that your organization can copy and tailor to its unique requirement ...4 KB (512 words) - 12:05, 25 July 2006
- 3 KB (363 words) - 11:45, 29 August 2006
- =='''Technical Standards Guides'''== ...iled descriptions and explanations. This section provides sample technical standards guides that your organization can copy and tailor to its unique requirement ...5 KB (597 words) - 15:27, 16 November 2006
- ==Sources of standards for Information Security== ...d that coordinates the system. The ISO is the world's largest developer of standards. The ISO-15443: "Information technology - Security techniques - A framewor ...2 KB (287 words) - 14:29, 8 March 2007
- 4 KB (644 words) - 14:43, 15 May 2007
- ...sset Management Standard''']] defines objectives for establishing specific standards for properly managing the Company Information Technology infrastructure, in ...s for establishing and maintaining legal evidence retention and protection standards for Company physical and electronic data stores, network devices, servers, ...9 KB (1,213 words) - 13:20, 9 March 2009
- =='''Oracle Database Asset Protection Standards:'''== It is recommended that the accepted standards developed by the company be applied to the default profile to eliminate any ...22 KB (3,612 words) - 16:20, 15 November 2007
- ...and business processes depend, requires a consistent approach to security standards in the areas of database configurations, maintenance, and administration. I * Access standards ...18 KB (2,920 words) - 17:59, 18 May 2007
- 7 KB (1,018 words) - 13:53, 14 May 2007
Page text matches
- =='''Technical Standards Guides'''== ...iled descriptions and explanations. This section provides sample technical standards guides that your organization can copy and tailor to its unique requirement ...5 KB (597 words) - 15:27, 16 November 2006
- =='''Technical Standards Guides'''== ...iled descriptions and explanations. This section provides sample technical standards guides that your organization can copy and tailor to its unique requirement ...4 KB (512 words) - 12:05, 25 July 2006
- ==Sources of standards for Information Security== ...d that coordinates the system. The ISO is the world's largest developer of standards. The ISO-15443: "Information technology - Security techniques - A framewor ...2 KB (287 words) - 14:29, 8 March 2007
- ...ards for Privacy of Individually Identifiable Health Information, Security Standards for the Protection of Electronic Protected Health Information, and General ...400 bytes (47 words) - 13:15, 15 June 2007
- ...1.3:]], [[PCI-1.1.4:]], [[PCI-1.1.5:]], and [[PCI-1.1.6:]], to verify that standards are complete. ...242 bytes (27 words) - 12:18, 16 June 2010
- ...Information Security Policy Framework templates (for example, policies and standards) that are needed to create, implement, and maintain a risk management-based ...ion Security Policy templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security ...1 KB (204 words) - 13:03, 14 July 2006
- ...s from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain an Information ...le Policy Framework templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security ...2 KB (260 words) - 13:17, 15 June 2007
- :'''Establish firewall configuration standards that include:'''<br> ...n standards and other documentation specified below to obtain evidence the standards are complete. Also obtain a copy of the following documentation: ...2 KB (278 words) - 21:22, 2 March 2007
- ...nology Security Policy define Company objectives for establishing specific standards on the protection of the confidentiality, integrity, and availability of Co ...c perspective that must be addressed in the subordinate control documents; standards, procedures, and supporting documentation are described as follows.<br> ...4 KB (465 words) - 15:46, 13 January 2014
- :'''Establish firewall configuration standards that include:'''<br> ...n standards and other documentation specified below to obtain evidence the standards are complete. Also obtain a copy of the following documentation: ...2 KB (290 words) - 21:22, 2 March 2007
- :'''Establish firewall configuration standards that include:'''<br> ...n standards and other documentation specified below to obtain evidence the standards are complete. Also obtain a copy of the following documentation: ...2 KB (315 words) - 21:21, 2 March 2007
- :::a. [[SOX.2.0.18:|'''SOX.2.0.18''']] A framework of security standards has been developed that supports the objectives of the security policy. Obtain a copy of the security standards and: ...3 KB (360 words) - 16:59, 25 June 2006
- ...tion provides sample Policy Framework templates (for example, policies and standards) that are needed to create, implement, and maintain an Information Security ...ty Program that complies with GLBA. Additional best practices policies and standards are provided for financial organizations that wish to exceed GLBA requireme ...2 KB (263 words) - 12:52, 14 July 2006
- '''BS 7799''' was a standard originally published by British Standards Institution (BSI) in 1995. It was written by the United Kingdom Government' ...n revised in June 2005 and finally incorporated in the ISO 27000 series of standards as [[ISO/IEC 27002]] in July 2007. ...2 KB (249 words) - 10:56, 27 October 2012
- :[[Information_Security_Standards_Sources:|'''Sources of Information Security Standards''']]<br> ...to some international sites that provide many of the information security standards we should be familiar with.<br> ...1,015 bytes (132 words) - 14:09, 8 March 2007
- :'''(1)''' promulgating information security standards under section 11331 of title 40;<br> :'''(2)''' overseeing the implementation of policies, principles, standards, and guidelines on information security;<br> ...3 KB (414 words) - 11:45, 4 June 2010
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...quired for each system ID. Password configuration is based on Corporate IT standards.<br> ...3 KB (405 words) - 00:10, 13 June 2006
- ...ion and Classification Policy defines objectives for establishing specific standards to define, identify, classify, and label information assets.<br> :The Asset Protection Policy defines objectives for establishing specific standards for providing an appropriate degree of confidentiality, integrity, and avai ...3 KB (404 words) - 14:53, 25 July 2006
- ...chnology (NIST, At the time named National Bureau of Standards) to develop standards of minimum acceptable practices with the help of the National Security Agen ...1 KB (168 words) - 11:37, 23 May 2010
- ...on of the Information Security Program Charter and associated policies and standards.<br> ...ion security awareness training for management should cover all topics and standards for employees or Users, as well as the following policies:<br> ...5 KB (662 words) - 17:54, 25 July 2006
- ...Security Program Charter by defining objectives for establishing specific standards to properly classify and label sensitive information assets such as custome ...Security Program Charter by defining objectives for establishing specific standards to ensure the security and confidentiality of customer information, as well ...4 KB (535 words) - 16:51, 25 July 2006
- '''PO 3.4 Technology Standards'''<br> ...pliance with these standards and guidelines. This forum directs technology standards and practices based on their business relevance, risks and compliance with ...2 KB (311 words) - 16:29, 1 May 2006
- ...f Management and Budget or the Director thereof, the National Institute of Standards and Technology, or the head of any agency, with respect to the authorized u ...851 bytes (128 words) - 21:01, 3 June 2010
- ...er:|'''Information Security Program Charter''']]. and associated policies, standards, guidelines, and procedures. ...arter:|'''Information Security Program Charter''']] and relevant policies, standards and guidelines must be properly communicated to Company corporate and busin ...3 KB (418 words) - 19:53, 14 January 2014
- ...subscribe to alert services freely available on the Internet). Update your standards to address new vulnerability issues.<br> ...r security vulnerability information and updating the system configuration standards reviewed in Requirement 2 as new vulnerability issues are found.<br> ...2 KB (303 words) - 18:22, 28 February 2007
- Katz, Non-Warrant Search Challenges US v. Ross: Evolving Standards of Warrantless Searches, 74 J Crim L and Criminology 172 (1983). ...413 bytes (60 words) - 03:02, 5 March 2009
- ..., including through ensuring timely agency adoption of and compliance with standards promulgated under section 11331 of title 40;<br> :'''(2)''' requiring agencies, consistent with the standards promulgated under such section 11331 and the requirements of this subchapte ...4 KB (671 words) - 10:44, 1 June 2010
- ...f Management and Budget or the Director thereof, the National Institute of Standards and Technology, or the head of any agency, with respect to the authorized u ...940 bytes (143 words) - 21:44, 1 June 2010
- ==Policies, Standards, and Guidelines== ...ise but do not have a reportable status to a companies Board of Directors. Standards are approved by a companies technology review board.<br> ...4 KB (581 words) - 17:06, 30 December 2013
- ...olicy framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk m ...olicy Framework templates (for example, policies, standards, and technical standards) that are needed to create, implement, and maintain a best practice, risk m ...5 KB (705 words) - 11:39, 30 May 2015
- '''4. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...for each administrator ID. Password configuration is based on Corporate IT standards.<br> ...6 KB (729 words) - 13:40, 23 June 2006
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...for each administrator ID. Password configuration is based on Corporate IT standards.<br> ...6 KB (766 words) - 13:42, 23 June 2006
- ...Develop configuration standards for all system components. Make sure these standards address all known security vulnerabilities and industry best practices.'''< ...2 KB (283 words) - 17:00, 26 June 2006
- ...mple Information Security Program Charter''']] and associated policies and standards.<br> ...mple Information Security Program Charter''']] and associated policies and standards.<br> ...5 KB (728 words) - 14:07, 1 May 2010
- ...s from the Best Practice Policy Framework library (for example, policy and standards controls)that are needed to create, implement, and maintain an Information ...el of protection. This section provides templates for Information Security standards that are required to comply with ISO Asset Classification and Control objec ...8 KB (1,023 words) - 17:25, 24 October 2006
- ...oftware and data. This section provides templates for Information Security standards that are required to comply with ISO Systems Development and Maintenance ob ...ions and requirements for establishing and maintaining baseline protection standards for Company network devices, servers, and desktops.<br> ...5 KB (613 words) - 18:14, 25 July 2006
- ...ary authority to establish and implement technology- and solution-specific standards.<br> ...Security Program Charter by defining objectives for establishing specific standards to properly classify and label sensitive information assets such as all ele ...5 KB (614 words) - 16:46, 25 July 2006
- ...ts; ensure compliance of systems with organizational security policies and standards; and maximize the effectiveness of and to minimize interference to or from ==Identification of Applicable Statutes, Regulations and Certification Standards== ...6 KB (774 words) - 12:41, 25 May 2007
- '''7. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...for each administrator ID. Password configuration is based on Corporate IT standards.<br> ...6 KB (779 words) - 13:45, 23 June 2006
- ::'''Examine the organization’s system configuration standards for network components and critical servers, including any wireless access ...ommon security parameter settings are included in the system configuration standards.<br> ...3 KB (366 words) - 13:52, 28 February 2007
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...quired for each system ID. Password configuration is based on Corporate IT standards.<br> ...6 KB (821 words) - 18:11, 28 August 2006
- :'''(4)''' consult with the National Institute of Standards and Technology, agencies or offices operating or exercising control of nati ...Federal information security incident center to the extent consistent with standards and guidelines for national security systems, issued in accordance with law ...1 KB (196 words) - 19:07, 3 June 2010
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...for each administrator ID. Password configuration is based on Corporate IT standards.<br> ...6 KB (816 words) - 13:41, 23 June 2006
- '''PO 8.2 IT Standards and Quality Practices'''<br> Identify and maintain standards, procedures and practices for key IT processes to guide the organization in ...3 KB (460 words) - 16:08, 21 June 2006
- ...policy area. Information Security procedures describe how to implement the standards. ...ure that the Information Security Program Charter and associated policies, standards, guidelines, and procedures are properly communicated and understood by est ...2 KB (316 words) - 15:19, 13 January 2014
- ...the current network diagram is consistent with the firewall configuration standards. ...2 KB (287 words) - 10:55, 4 July 2015
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...for each administrator ID. Password configuration is based on Corporate IT standards.<br> ...7 KB (901 words) - 13:44, 23 June 2006
- *15: Compliance - ensuring conformance with information security policies, standards, laws and regulations ...ection outlines a risk assessment process although there are more specific standards covering this area such as ISO Technical Report TR 13335 GMITS Part 3 - Gui ...6 KB (847 words) - 16:57, 26 March 2007
- ...ions and requirements for establishing and maintaining baseline protection standards for Company network devices, servers, and desktops. ## Protection standards must be established and implemented for all computing and network resources ...5 KB (681 words) - 21:56, 15 January 2014
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...quired for each system ID. Password configuration is based on Corporate IT standards.<br> ...7 KB (895 words) - 13:44, 23 June 2006
- '''8. Risk: Insufficient security standards may allow unauthorized access to production systems and business data store ...for each administrator ID. Password configuration is based on Corporate IT standards.<br> ...7 KB (901 words) - 13:43, 23 June 2006
- ...e to have cast doubt upon the "computational infeasibility" assumed by the standards, for digital signature as well as confidentiality encryption software. See ...805 bytes (108 words) - 15:50, 3 April 2007
- ...mple Information Security Program Charter''']] and associated policies and standards.<br> ...ion security awareness training for management should cover all topics and standards for employees or Users, as well as the following policies:<br> ...6 KB (752 words) - 14:02, 1 May 2010
- ==NIST: National Institute of Standards and Technology Publications== ===FIPS: Federal Information Processing Standards=== ...3 KB (378 words) - 21:27, 18 January 2015
- ...e personal firewall software is configured by the organization to specific standards and is not alterable by mobile computer users.<br> ...442 bytes (66 words) - 12:09, 16 June 2010
- '''PO 8.3 Development and Acquisition Standards'''<br> ...e standards; interoperability; system performance efficiency; scalability; standards for development and testing; validation against requirements; test plans; a ...6 KB (863 words) - 13:12, 23 June 2006
- Develop and follow a set of procedures and standards that is consistent with the business organization’s overall procurement pro ...ity risks are introduced by technical designs incompatible with enterprise standards.'''<br> ...3 KB (442 words) - 13:59, 23 June 2006
- ...ysical security needs and decipher which or which parts of these and other standards are most applicable.<br> ...ssing facilities. This section provides templates for Information Security standards that are required to comply with ISO Physical and Environmental Security ob ...4 KB (592 words) - 19:28, 14 June 2007
- :* '''PCI-1.1.5.a:''' Verify that firewall and router configuration standards include a documented list of services, protocols and ports necessary for bu ...documented and implemented by examining firewall and router configuration standards and settings for each service. An example of an insecure service, protocol, ...3 KB (353 words) - 12:28, 16 June 2010
- ...le Acceptable Use Policy''']] defines objectives for establishing specific standards on the appropriate business use of information assets.<br> ...ptable Use Policy:|'''Sample Acceptable Use Policy''']] and its associated standards.<br> ...6 KB (857 words) - 12:22, 19 July 2007
- ...mmissioners lacked the qualifications required by law, irregular selection standards or procedures for composing the jury roll, and improperly sent or served ju ...1 KB (167 words) - 20:02, 22 February 2009
- ...)''' implements information security policies and practices as required by standards and guidelines for national security systems, issued in accordance with law ...709 bytes (103 words) - 10:41, 2 June 2010
- ...)''' implements information security policies and practices as required by standards and guidelines for national security systems, issued in accordance with law ...709 bytes (103 words) - 21:02, 3 June 2010
- ...erwise unchanged) in 2007 to align with the other [[ISO/IEC 27000-series]] standards. # Compliance - ensuring conformance with [[information security policies]], standards, laws and regulations ...8 KB (1,111 words) - 10:30, 15 April 2012
- ...led '''blackers''', because they convert RED signals to BLACK. [[TEMPEST]] standards spelled out in NSTISSAM TEMPEST 2-95 specify shielding or a minimum physica ...1 KB (170 words) - 16:06, 14 June 2007
- * ''International Journal of IT Standards and Standardization Research'', ISSN: 1539-3054 (internet), 1539-3062 (prin [[Category:ISO standards|#20000]] ...2 KB (298 words) - 14:25, 23 April 2010
- '''BS 25999''' is the British Standards Institution (BSI)'s standard in the field of [[Business continuity planning ...s a Business Continuity Management (BCM) standard published by the British Standards Institution (BSI). ...7 KB (1,040 words) - 10:48, 27 October 2012
- ::'''Examine the organization’s system configuration standards for network components and critical servers, including any wireless access ...2 KB (287 words) - 14:26, 27 February 2007
- ...t Management Standard defines Company objectives for establishing specific standards for the management of the networks, systems, and applications that store, p The Company will establish and maintain Asset Protection Standards in accordance with the information asset protection objectives established ...3 KB (389 words) - 17:40, 14 January 2014
- ...ccess to applications because the database passwords do not meet corporate standards.'''<br> ...re required for each user. Password configuration is based on Corporate IT standards.<br> ...4 KB (550 words) - 14:34, 1 May 2006
- ...s name in his own hand, intended to be bound." In re National Institute of Standards and Technology — Use of Electronic Data Interchange to Create Valid Obligat ...695 bytes (105 words) - 12:39, 16 October 2014
- ...spe.hhs.gov/admnsimp/pl104191.htm HIPAA] requires the adoption of national standards for electronic health care transactions and national identifiers for provid ...urity. It was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, Mast ...4 KB (556 words) - 14:03, 8 March 2007
- ...ies, including an explanation or listing of security policies, principles, standards and compliance requirements of importance to the organization<br> ...Security Program Charter by defining objectives for establishing specific standards to properly classify and label information assets.<br> ...8 KB (1,063 words) - 13:25, 23 May 2007
- ...her speech is obscene is determined partly by reference to local community standards. As a result, speech that is legally obscene and therefore without constitu * Whether the average person, applying contemporary community standards, would find that the work, taken as a whole, appeals to the prurient intere ...6 KB (925 words) - 18:53, 10 April 2011
- ...mple Information Security Program Charter''']] and associated policies and standards.<br> '''C. Standards''' ...10 KB (1,206 words) - 14:05, 1 May 2010
- ...cal Information Infrastructure. To promote the development of key security standards and guidelines to support the implementation of and compliance with the Fed * Standards for categorizing information and information systems by mission impact. ...9 KB (1,252 words) - 19:19, 19 April 2010
- ...anagement approach to develop and implement Information Security policies, standards, guidelines, and procedures. The Information Security Program will protect ...set Protection Policy defines Company objectives for establishing specific standards on the protection of the confidentiality, integrity, and availability of Co ...10 KB (1,314 words) - 18:06, 15 March 2009
- ...sset Management Standard''']] defines objectives for establishing specific standards for properly managing the Company Information Technology infrastructure, in ...s for establishing and maintaining legal evidence retention and protection standards for Company physical and electronic data stores, network devices, servers, ...9 KB (1,213 words) - 13:20, 9 March 2009
- ...ecurity policy and discuss with those responsible whether they follow such standards and guidelines dealing with sensitive backup data. ...2 KB (304 words) - 19:56, 25 June 2006
- ...ceptable Use Standard defines Company objectives for establishing specific standards on appropriate business use of the Company's information and telecommunicat ...illegal, harassing, offensive, or in violation of other Company policies, standards or guidelines, or any other uses that would reflect adversely on Company, c ...3 KB (464 words) - 17:48, 14 January 2014
- ...s; security personnel enforce access rights in accordance with institution standards. Because of their internal access levels and intimate knowledge of financia ...pport security awareness and strengthen compliance with security policies, standards, and procedures. Ultimately, the behavior and priorities of senior manageme ...10 KB (1,327 words) - 12:54, 10 April 2007
- ...ject management techniques. The section details general project management standards, procedures, and controls and discusses various development, acquisition, a ...in all situations. However, organizations should employ project management standards, procedures, and controls commensurate with the characteristics and risks o ...12 KB (1,538 words) - 22:41, 25 April 2007
- ...itten software development processes to confirm they are based on industry standards and that security is included throughout the life cycle.<br> ...2 KB (298 words) - 18:26, 28 February 2007
- ...nce of information and communication technology'' was published in 2005 by Standards Australia. The standard provides principles, a model and vocabulary as a ba ...1 KB (150 words) - 16:22, 20 April 2010
- ...h those responsible for third-party service management if they follow such standards. Obtain and test evidence that the selection of vendors for outsourced serv ...2 KB (306 words) - 18:32, 14 June 2006
- ...itten software development processes to confirm they are based on industry standards and that security is included throughout the life cycle. From review of wri ...2 KB (297 words) - 18:33, 28 February 2007
- ...h those responsible for third-party service management if they follow such standards. ...2 KB (295 words) - 15:40, 25 June 2006
- ...ardized reports, such as trust services reports or a Statement of Auditing Standards 70 (SAS 70) report. ...6 KB (829 words) - 19:14, 17 April 2007
- ...anagement approach to develop and implement Information Security policies, standards, guidelines, and procedures. The Information Security Program will protect ...assification Standard defines Company objectives for establishing specific standards on the identification, classification, and labeling of Company information ...8 KB (1,068 words) - 17:23, 16 October 2009
- ...itten software development processes to confirm they are based on industry standards and that security is included throughout the life cycle. From review of wri ...2 KB (304 words) - 18:36, 28 February 2007
- ...itten software development processes to confirm they are based on industry standards and that security is included throughout the life cycle. From review of wri ...2 KB (307 words) - 18:29, 28 February 2007
- ...itten software development processes to confirm they are based on industry standards and that security is included throughout the life cycle. From review of wri ...2 KB (304 words) - 18:28, 28 February 2007
- ::'''Examine the organization’s system configuration standards for network components and critical servers, including any wireless access ...2 KB (318 words) - 13:54, 28 February 2007
- ...Technology Policy define the Company objectives for establishing specific standards on appropriate business use of the Company's information and telecommunicat ...illegal, harassing, offensive, or in violation of other Company policies, standards or guidelines, or any other uses that would reflect adversely on Company, c ...4 KB (507 words) - 14:58, 21 January 2014
- ...el of protection. This section provides templates for Information Security standards that are required to comply with ISO Asset Classification and Control objec ...1 KB (159 words) - 17:08, 25 July 2006
- ...itten software development processes to confirm they are based on industry standards and that security is included throughout the life cycle. From review of wri ...2 KB (316 words) - 18:30, 28 February 2007
- Review and optimize IT policies, standards and procedures to ensure that legal and regulatory requirements are covered ...2 KB (261 words) - 13:14, 4 May 2006
- ::'''Examine the organization’s system configuration standards for network components and critical servers, including any wireless access ...3 KB (341 words) - 14:28, 27 February 2007
- :'''Developmental Email Acceptable Usage Standards:''' [[Media:Developmental Electronic Mail Acceptable Usage Standard.pdf]]<b ...cceptable Use Standards:''' [[Media:Development-of-Internet-Acceptable-Use-Standards.pdf]]<br> ...6 KB (839 words) - 16:22, 23 April 2007
- ...on customers by determining their requirements and aligning them to the IT standards and practices. Roles and responsibilities concerning conflict resolution be ...2 KB (273 words) - 20:01, 1 May 2006