IT Examiner School - Oct 2023
Policy, Standards & Procedures…
• Policy : All external business communication via the Internet will provide confidentiality, integrity, and availability. • Standards : • Mandatory • Created to support the policy, while providing specific details. • Procedures : • Mandatory • Step-by-step directives on how to get the end result. • Guidelines: • Not Mandatory • Suggestive or recommended actions. • Baselines: • Mandatory • Minimum acceptable security configuration.
Policy
Standards
Procedures
Guidelines
Baselines
17
Information Security Controls
Administrative Controls support the classic management responsibilities of planning, directing, organizing, and reporting.
Technical Controls involve hardware and application or OS software.
Physical Controls protect against environmental, human, and systemic threats.
18
18
Made with FlippingBook - professional solution for displaying marketing and sales documents online