1 PHYSICAL SECURITY & ENVIRONMENTAL SECURITY General Overview Physical security elements are safeguards enacted t ensure nly authrized individuals have access t varius physical lcatins, such as crprate facilities, data warehuses, cmputer peratin centers, and any ther critical areas. Additinally, physical security als cnsists f the varius measures put in place fr prtecting rganizatinal assets, ranging frm peple, prperty, t any number f tangible gds, services r prducts. And with many rganizatins tday utsurcing critical functins t data centers, managed services prviders, and dcument strage facilities - just t name a select few - physical security has nw becme a critical cmpnent f ne's risk assessment and risk management framewrk. Knwing where yur assets are and hw they are prtected is paramunt. But it's just as imprtant t have physical security cntrls in place at ne's crprate ffice, satellite ffices, and any ther imprtant lcatins. And anther imprtant cmpnent f physical security are the supprting envirnmental security cntrls in place. Specifically, envirnmental security elements are the essential measures utilized t prtect physical surrundings frm damaging elements, such as fire, water, smke, electrical surges, spikes, and utages, alng with any ther hidden dangers. Envirnmental safeguards are critical in that they - alng with physical security, ensure the safety f the emplyees, cmpany prperty, and all ther pertinent physical elements near the facility. The subsequent Physical Security & Envirnmental Security plicy and prcedures dcument includes all necessary measures fr ensuring adequate safeguards are in place at all facilities cnsidered critical frm an rganizatinal perspective. The scpe f this plicy and prcedure dcument includes the fllwing types f facilities: Crprate ffice and reginal, satellite ffices. Data centers, c-lcatin facilities, and managed service prviders, dcument strage prviders, warehuses, etc. Any ther physical facility fr which the subsequent plicy, prcedures, and checklists culd be adapted t, and ultimately used fr.
2 Physical Security & Envirnmental Security Plicy and Prcedures Title [cmpany name] Physical Security & Envirnmental Security Plicy and Prcedures Versin Versin 1.0 Date Language Individual and/r Department Respnsible fr Distributin f Dcument Individual and/ r Department Respnsible fr Timely Update f Dcument Develped by: Subject Apprval Date Purpse f Dcument TBD English [cmpany name] Infrmatin Technlgy Department [name and title] [cmpany name] Use f Sftware TBD T implement cmprehensive Physical Security & Envirnmental Security plicies, prcedures, and practices whereby all emplyees and ther intended parties are readily aware f the rganizatin s Physical Security & Envirnmental Security plicies. Distributin f Dcument Disbursed t all emplyees f [cmpany name] and available by request t all ther intended parties.
3 1.0 Overview In accrdance with mandated rganizatinal security requirements set frth and apprved by management, [cmpany name] has established a frmal Physical Security & Envirnmental Security plicy and supprting prcedures. This plicy is t be implemented immediately alng with all relevant and applicable prcedures. Additinally, this plicy is t be evaluated n a(n) [annual, semi-annual, quarterly] basis fr ensuring its adequacy and relevancy regarding [cmpany name]'s needs and gals. 1.0 Purpse This plicy and supprting prcedures are designed t prvide [cmpany name] with a dcumented and frmalized Physical Security & Envirnmental Security plicy that is t be adhered t and utilized thrughut the rganizatin at all times. Cmpliance with the stated plicy and supprting prcedures helps ensure the safety and security f the [cmpany name] I.T. system resurces and all supprting assets. Assets are defined as the fllwing: Smething that is deemed t be tangible r intangible and that is capable f being wned, perated, maintained, and cntrlled t prduce a stated value. 1.0 Scpe This plicy and supprting prcedures encmpasses all system resurces and supprting assets that are wned, perated, maintained, and cntrlled by [cmpany name] and all ther system resurces, bth internally and externally, that interact with these systems. Internal system resurces are thse wned, perated, maintained, and cntrlled by [cmpany name] and include all netwrk devices (firewalls, ruters, switches, lad balancers, ther netwrk devices), servers (and the perating systems and applicatins that reside n them, bth physical and virtual servers) and any ther system resurces and supprting assets deemed in scpe. External system resurces are thse wned, perated, maintained, and cntrlled by any entity ther than [cmpany name], but fr which these very resurces may impact the cnfidentiality, integrity, and availability (CIA) f [cmpany name] system resurces and supprting assets. 1.0 Plicy [Cmpany name] is t ensure that the Physical Security & Envirnmental Security plicy adheres t the fllwing cnditins fr purpses f cmplying with the mandated rganizatinal security requirements set frth and apprved by management: Cnstructin The applicable facilities are t be cnstructed in a manner that ensures the adequate prtectin f all [cmpany name] system resurces and supprting assets. Specifically, this requires that the fllwing elements meet and/r exceed all lcal, state, federal and cuntry regin specific mandated guidelines pertaining t cnstructin f a cmmercial facility: Designed and built with the use f apprved architectural, mechanical, electrical and/r engineering drawings. Safe and secure fundatin and fting that meets all stated zning requirements.
4 Prper utilities in place, such as sewer, water, gas, electric, fire prtectin fire preventin, and ther applicable utilities as warranted. Apprpriate insurance in place, such as general liability, wrkers cmpensatin, and ther applicable insurance cverage. Architecturally and structurally sufficient t meet all needs f [cmpany name]. If necessary, authrized persnnel within [cmpany name] are t cntact the apprpriate party fr cnfirmatin f the afrementined elements. Physical Security Prtectin Measures The applicable facilities are t have adequate physical prtectin measures in place cnsisting f the fllwing elements, as applicable: Lcatin: Gegraphically lcated in a secure area, with apprpriate markings and indicatins cmmensurate with its use. Nte: Sme facilities require clear identificatin as t what they are and their purpse, while thers facilities deliberately hide their identificatin. Ultimately, this determinatin is t be made by management f the applicable facility. Cnstructin: Slid cnstructin with minimal r n physical penings that culd weaken the physical structure and/r allw unauthrized access. Additinally, all drs and main entry and egress pints (windws, bay drs, rf entry pints, undergrund access pints, shipping and receiving entry areas, etc.) are t be deemed f adequate physical cnstructin. Physical Barricades: Physical elements that serve as barricades fr prtecting the physical grunds. This is a requirement fr any data center r c-lcatin facility fr which [cmpany name] system resurces and supprting assets reside in. Additinally, apprpriate gates, fences and ther physical devices are t be utilized as necessary. Access Cntrl Prtectin: One r mre f the fllwing prtectin measures regarding physical access: Electrnic Access Cntrl (ACS), bimetrics (i.e., iris, palm reader, facial recgnitin), and/r traditinal lck-and-key measures. Nte: Fr any windws, bay drs, rf entry pints, undergrund access pints, shipping and receiving entry areas, and any ther entry and egress areas that d nt utilize ACS, bimetrics, r lck-and-key, they are t be secured with adequate prtectin measures, such as using internal lcks, latches, r ther apprved devices r mechanisms. Additinally, all access cntrl pints are t be securely clsed and lcked when nt in use r are unattended. Access via Electrnic Access Cntrl (ACS), and bimetrics (i.e., iris, palm reader, facial recgnitin) is nly granted t authrized individuals - thse wh have gne thrugh the prper prvisining prcess. Custmer Infrmatin: An imprtant cmpnent f ensuring that adequate physical security prtectin measures are in place is keeping track f all persnnel that enter and leave a facility. Thus, all critical custmer infrmatin, such as vital statistical infrmatin (i.e., name, cmpany affiliatin, cntact infrmatin, date and time f entrance and departure, etc.) is t be captured, recrded, stred, and archived.
5 Manned Access Cntrl Pints: Fr areas where individuals enter, register, and leave the applicable facility, actual persnnel are t be statined fr aiding and facilitating these prcesses. Additinally, visitr and emplyee prvisining and de-prvisining systems are t be in place that dcuments all essential access infrmatin. Placing f Equipment: Fr all system resurces and supprting assets lcated at a facility that handles (i.e., string, prcessing and/r transmitting) sensitive data, they shuld be lcated in physically secure areas, and islated as necessary, t avid unauthrized access. Additinally, cntrls are t be in place fr helping minimize the many physical and envirnmental threats as discussed thrughut this stated plicy and prcedures dcument. Vegetatin All vegetatin (i.e., grass, shrubs, plants, etc.) is t be apprpriately maintained at all time by either a licensed, bnded, and insured landscaping cmpany r by [cmpany name] landscape persnnel. Adequate maintenance f vegetatin nt nly imprves the appearance f a facility, it als ensures that intruders r ther suspicius peple r elements cannt cnceal themselves as easily. Security Alarm System A security alarm system is t be in place, peratinal at all applicable times as necessary, hard-wired and wireless mnitring (where applicable) fr all entry and egress pints thrughut the facility, and ther areas deemed vulnerable. Additinally, respnse and reslutin services fr the security alarm are t be a licensed, bnded, and insured third-party security alarm cmpany and/r lcal plice. Mrever, an apprpriate party at [cmpany name] is t be immediately ntified anytime an alarm has passed its maximum threshld whereby the third-party security alarm cmpany and/r the lcal plice have been cntacted. Alarm Pints Bth hard-wired cntact pints and wireless-alarm pints (where applicable) are t be utilized fr ensuring the security alarm system is cnnected t all critical entry and egress pints thrughut the facility and ther areas deemed vulnerable. The use f glass breakers, mtin detectrs, vice recgnitin elements, if used, are t be tied int the security alarm system using apprved measures. Cameras Mnitring Surveillance Recrding Archival Cameras are t be strategically placed thrughut the facility as deemed necessary and capable f capturing and recrding all activity. Additinally, this requires the use f mnitring devices whereby authrized persnnel can view all activity in real-time, while als recrding such activity. During nnbusiness hurs r when persnnel are nt available fr real-time viewing, recrding is t be in place that allws fr capturing any activity. Mrever, archival measure are t be in place (minimum f 90 days) fr retentin f data caught n camera. Threat Cnditins Plicy Because f the grwing threats facing rganizatins, a threat cnditins plicy is t be in place which cnsists f dcumented respnses and initiatives t undertake in the event f an actual threat. This may include, but is nt limited, t the fllwing: Threats f terrrism r hstage situatins.
6 Physical r envirnmental cnditins resulting in the structural integrity f a facility being cmprmised which culd ultimately endanger the lives f all ccupants. Pwer utages, utility issues. Technlgy threats and data cmprmises, such as Distributed Denial f Service Attacks (DDS), etc. Badge Identificatin Equipment Checks Any persns entering r leaving a facility are t be checked at anytime, and at the discretin f authrized persnnel, fr prperly identifying wh they are and fr items deemed suspicius that may be in their pssessin. Because many system resurces and supprting assets can be small in size, and als cstly, bag checks, bdy searches, pat dwns, and any ther checks deemed necessary, are t be emplyed. Remval f Prperty and Security f Equipment All prperty remved frm a facility is t be dne s with apprved methds nly, ne that allws fr dcumented prcess that recrds vital statistical infrmatin fr such prperty, whether it leaves indefinitely r is being returned at a later date (fr which it will then be required t be checked-in thrugh a dcumented prcess als). Specifically, prperty may nly be remved if apprved by authrized persnnel and is required t be returned (if applicable) under an agreeable and predetermined timeframe. Additinally, prperty, while still under the legal binding wnership f the applicable facility, is t be safeguarded at all times, must adhere t manufacture's perating plicies (if applicable), with apprpriate insurance in place fr prtecting such prperty. Cages Cabinets Vaults System resurces, such as cmputer and netwrking systems (bth the hardware sftware, and supprting assets) are t be placed in secure cages, cabinets, r vaults that meet r exceed strength, rigidity, and general safety standards as required by law and/r custmers. Additinally, physical access cntrls, such as electrnic access cntrl systems (ACS), cmbinatin lcks, punch key lcks, and/r traditinal lck and key are t be used fr prtectin f the applicable system resurces. Security Department and Security Staff As necessary, the applicable facility is t have in place a frmalized security department cnsisting f the fllwing: Operates 24x7 and is respnsible fr cntrlling and mnitring facility access and ensuring cmpliance with access prcedures. Is respnsible fr cntrlling the mvement f materials taken ut f the facility main entry and exit pints, issuing pht id access badges and visitr badges and retrieving them als, alng with administering the cmputerized access cntrl system t permit and terminate access. Dedicated n-site security staff 24x7 wh are respnsible fr prper peratins and maintenance f the physical security systems, lss preventin, material mvement, and security plicy and prcedures cmpliance. Dedicated n-site security staff 24x7 wh perfrm the fllwing functins: Respnse and reslutin t security alarms. Custmer assistance fr cage lckuts and escrts. Scheduled and unscheduled security inspectins.
7 Enfrcement f n fd r drinks in certain areas. Enfrcement f n unauthrized phtgraphy plicy. Fire and safety patrl inspectins. Mnitr intrusin security alarm systems. Dispatch mbile security fficers t emergencies. Mnitring t prevent unauthrized access, such as tailgating. Assist all individuals wh have authrized access t enter the facility. Cntrlling access t the data center by cnfirming identity. Issue and retrieve access badges. Respnd t telephne and radi cmmunicatins. Lcal Law Enfrcement Cntact Infrmatin The psting f lcal law enfrcement cntact infrmatin (ther than 911 r ther emergency numbers) is t be in place whereby authrized persnnel can cntact authrities as necessary. This infrmatin shuld be made available t security staff and psted accrdingly in an area where it can be easily viewed by such security staff (such as their security rm). Mantrap Mantraps, which are cmmn in any facility that require entrance int sensitive areas, are t be used as necessary. This ften includes facilities such as data center, c-lcatin entities, managed services prviders and ther related entities. Facility Access Only authrized persnnel (i.e., emplyees, visitrs, cntractrs, and ther third party.) are allwed access t the applicable facility, with ne's access rights cmmensurate fr his her rles and respnsibilities. Additinally, a dcumented identificatin, prvisining and de-prvisining prcess and related prcedures are t be in place cnsisting f the fllwing measures: The use f a sftware utility, ticketing system, in cnjunctin with a hard-cpy lg reprt that captures all vital statistical access rights infrmatin, such as full name, cntact infrmatin, cmpany affiliatin, alng with date and time f entry and departure t and frm the facility, and any ther vital statistical infrmatin. Fr individuals wh have been granted an actual access cntrl badge - thus allwing t bypass many f the prvisining steps in place fr visitrs, cntractrs, and ther third party individuals - the sftware utility that allws access is t be reviewed n a regular basis. The regular review is t ensure that all terminated users d nt have access and access fr current users is cmmensurate with their rles and respnsibilities. Assignment f badge, card reader, r sme f ther clearly labeled frm f visible identificatin that indicates the type f persnnel they are (i.e., emplyees, visitrs, cntractrs, and ther third party), the type f access, duratin f access (if applicable). Nte: The requirement fr a "clearly labeled frm f visible identificatin" prevents unauthrized access and allws anyne within the facility t identify unescrted visitrs, ultimately helping in determining if access cntrls have been breached. Thus, visitrs, cntractrs, and ther third party individuals are t be escrted at all times, when applicable.
8 Fr areas deemed restricted, sensitive, classified, r any ther designatin whereby access is allwed nly t select, authrized persnnel, additinal access cntrl measures are t be in place (i.e., tw-factr authenticatin, bimetrics, etc.) fr prtecting [cmpany name]'s system resurces and supprting assets. Because many facilities have shipping, receiving, delivery, and lading areas that are used n a daily basis, these areas are t have secure access cntrl mechanisms in place, such as thse described earlier under "Physical Security Prtectin Measures." Additinally, fr facilities that have shipping, receiving, delivery, and lading areas, the fllwing prvisins are t be in place: Access restricted t authrized persnnel. Areas that are cnfined fr nly their applicable use, with n access allwed t ther parts f the facility withut undertaking prcess access cntrl measures. Incming and utging gds and prducts are t be inspected, tagged and labeled accrdingly, recrded, and registered with an apprved methd. Gds and prducts arriving at the facility are t be stred in designated areas, such as bins, hlding rms, r sme ther type f apprved methd. Gds and prducts leaving the facility are t have crrect transprtatin labels n them, and are t be stred in designated areas befre being picked up. All gds and prducts entering and leaving the facility are t be physically inspected fr any pssible security threats. Fr a facility that receives gd and prducts fr a custmer, a ntificatin prcess is t be in place whereby custmers are immediately cntacted and infrmed f packages. The entire identificatin, prvisining, and de-prvisining prcess is t be recrded and archived fr purpses f prducing audit recrds as needed, such as fr access cntrl breaches, daily peratinal review activities, and fr regulatry cmpliance requirements. Access Cntrl System Access cntrl systems, while imprtant fr physical security prtectin measures, ultimately ensure that nly authrized individuals have access t a particular facility, with access rights being cmmensurate with ne's rles and respnsibilities. As such, access cntrl systems are t be prvisined and deplyed fr any area requiring physical access int a facility - r within the facility - access t additinal areas. Additinally, the access cntrl systems are t be maintained by authrized individuals nly. Bimetrics Bimetrics, while als imprtant fr physical security prtectin measures, ultimately ensure that nly authrized individuals have access t a particular facility, with access rights being cmmensurate with ne's rles and respnsibilities. As such, bimetric devices are t be prvisined and deplyed fr any area requiring physical access int a facility - r within the facility - access t additinal areas. Additinally, the bimetric devices are t be maintained by authrized individuals nly. Example f bimetrics include, but are nt limited, t the fllwing: Fingerprint and Palm Readers Vice Recgnitin
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)
Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins
Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity
Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance
A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
audimex Hsting Descriptin f Clcatin Centre, Scpe f Services Status: 26.10.2012 Chairman f the Supervisry Bard: Alexander Schmitz-Elsen, Managing Directrs: Dr. Stefan Berchtld, Markus Hövermann, audimex
HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders
The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the
Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs
REQUEST FOR PROPOSAL SECURITY SERVICES Sectin I INTRODUCTION [Cmpany] is seeking prpsals frm qualified Cntractrs t prvide unifrmed security service fr [Cmpany] facilities at [Lcatin(s)]. This dcument is
Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident
FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty
Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer
In-Huse Cunsel Day Pririties fr 2012 Clud Cmputing the benefits, ptential risks and security fr the future Presented by David Richardsn Thursday 1 March 2012 WIN: What in-huse lawyers need Knwledge, supprt
1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets
Page 1 f 11 APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial plicy released 1. PURPOSE OF THIS POLICY T define the purpses fr which Crprate Purchase Cards are t be used
OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity
Directive # QH-HSD-039:2013 Effective Date: 01 July 2013 Review Date: 01 July 2016 Supersedes: Nil Landing Sites Planning, Implementatin and Management Purpse The purpse f this Health Service Directive
White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm 2
Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t
Mbile Phne Plicy & Guidance Intrductin This plicy is designed t safeguard bth the cuncil and users f mbile phnes supplied by Angus Cuncil. It aims t ensure that these are used effectively, fr their intended
Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities
THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant
First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First
SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters
Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and
TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs
BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin
www.disasterrecveryplantemplate.rg The bjective f a disaster recvery plan is t ensure that yu can respnd t a disaster r ther emergency that affects infrmatin systems and minimize the effect n the peratin
Purpse The risk t Charlestn Suthern University, its emplyees and students frm data lss and identity theft is f significant cncern t the University and can be reduced nly thrugh the cmbined effrts f every
State f Califrnia Califrnia Technlgy Agency Sftware Management Plan Guidelines Revised April 2011 Sectin 1 1.0 Overview INTRODUCTION TO SOFTWARE MANAGEMENT PLANNING The State Administrative Manual (SAM)
The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents
Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet
Legal Entity Name f NHVAS Operatr: DTMR Representative: Lcatin: NHVAS Mass Management Spt Check Checklist Spt Check Date: Spt Check Number: DMS Number: 540/ The fllwing surces f evidence have been identified
BlueTie Business Email White Paper Advanced SaaS Security Measures Overview f BlueTie Security BlueTie, Inc. 220 Kenneth Drive Rchester, NY 14623 USA (800) BLUE TIE www.bluetie.cm TABLE OF CONTENTS Abstract...
Ft. Huachuca Persnnel Asset Inventry - SOP I. Respnsible agencies are: Unit Battalin r separate cmpany S1 (S1) Brigade S1 Military Persnnel Divisin (MPD) Persnnel Autmatin Sectin (PAS) G1, AG, Military
Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,
TOWN OF PAYSON WATER DEPARTMENT BACKFLOW PREVENTION PROGRAM CUSTOMER INFORMATION PACKAGE TOWN OF PAYSON Backflw Preventin Prgram Develpers, Cntractrs and Paysn Residents: An apprved backflw preventin assembly
Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive
A Cmparisn f UK and Chinese Brking Regulatin David Cupe Partner +44 (0)203 553 4884 email@example.com The fllwing tables are a cmparisn f UK and Chinese brking regulatins including the Llyd s regulatins.
Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada
Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required
IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+
IT Accunt and Access Prcedure Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release Table f Cntents 1.0 Overview... 1 2.0 Purpse... 1 3.0 Scpe... 1 4.0 Passwrds... 1 4.1
State Fleet Card Oversight Usage and Respnsibilities Intrductin The Department f General Services (DGS), Office f Fleet and Asset Management (OFAM) administers a statewide ne-prvider payment system cntract
RSA Authenticatin Manager 5.2 and 6.1 Security Best Practices Guide Versin5 Cntact Infrmatin G t the RSA crprate web site fr reginal Custmer Supprt telephne and fax numbers: www.rsa.cm. Trademarks RSA,
Addressing Drug and Device Recalls in Hspitals Develped by participants at the meetings f the Califrnia State Bard f Pharmacy s Subcmmittee t Evaluate Drug Distributin in Hspitals January 2010 BOARD MEMBERS
RCI PRIVACY NOTICE RCI Pacific Pty Ltd is cncerned abut privacy issues and wants yu t be familiar with hw we cllect, use and disclse infrmatin. This Privacy Ntice describes ur practices in cnnectin with
WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin
OITS Service Level Agreement Objective A Service Level Agreement (SLA) describes the IT Service, dcuments Service Level Targets, and specifies the respnsibilities f the IT Service Prvider and the Custmer.
Cmplliiance Cmpnentt Descriptin Ratinale Benefits List the Dmain List the Discipline List the Technlgy Area List Prduct Cmpnent Dcument the Cmpliance Cmpnent Type Cmpnent Sub-type DEEFFI INITION Hst-Based
System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality
Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,
Causes include ht wrk, smking, inapprpriate cntractr actins, and arsn. Cntributing factrs include pr husekeeping, impaired fire prtectin, and inadequate respnse t fires. Implementing lss preventin prgrams
ADDENDUM #1 THIRD PARTY PROCUREMENT PROCEDURES NORTH CENTRAL TEXAS COUNCIL OF GOVERNMENTS TRANSPORTATION DEPARTMENT JUNE 2011 OVERVIEW These prcedures establish standards and guidelines fr the Nrth Central
ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY Gvernrs Cmmittee: Finance and General Purpses Apprved by Gverning Bdy n: 6 th May 2015 Signed: (Chair f Cmmittee) Signed: (Headteacher) Date t be
British Clumbia Prfessinal and Sftware Cnfrmance Standards Electrnic Health Infrmatin Exchange Vlume 3: Business Rules General All Pints f Service Versin 0.2 2014-11-24 Security Classificatin: Lw Sensitivity