Policy 7230A - Department of Administration
Table of Contents
Introduction
1 Governing Principles
1.1 Security Policy Overview
1.2 Roles and Responsibilities
1.3 Policy Revision
2 Assessment & Security Planning
2.1 Risk and Privacy Assessment
2.2 Security Plan
3 Awareness & Training
3.1 Security Awareness Training
3.2 Security Operations Training
4 Access Control
4.1 Identification & Authentication
4.2 Account Management
4.3 Session Management
5 Systems Configuration
5.1 Configuration Management
5.2 Systems Protection
5.3 Data/Media Protection
5.4 Application Protection
6 Systems Operation
6.1 Assessment Operations
6.2 Integrity Operations
6.3 Maintenance Operations
7 System Audit
7.1 System Audit
8 Incident Response
8.1 Incident Response
9 Contingency Planning
9.1 Contingency Plans