PHYSICAL SECURITY & ENVIRONMENTAL SECURITY

Size: px
Start display at page:

Download "PHYSICAL SECURITY & ENVIRONMENTAL SECURITY"

Transcription

1 PHYSICAL SECURITY & ENVIRONMENTAL SECURITY General Overview Physical security elements are safeguards enacted t ensure nly authrized individuals have access t varius physical lcatins, such as crprate facilities, data warehuses, cmputer peratin centers, and any ther critical areas. Additinally, physical security als cnsists f the varius measures put in place fr prtecting rganizatinal assets, ranging frm peple, prperty, t any number f tangible gds, services r prducts. And with many rganizatins tday utsurcing critical functins t data centers, managed services prviders, and dcument strage facilities - just t name a select few - physical security has nw becme a critical cmpnent f ne's risk assessment and risk management framewrk. Knwing where yur assets are and hw they are prtected is paramunt. But it's just as imprtant t have physical security cntrls in place at ne's crprate ffice, satellite ffices, and any ther imprtant lcatins. And anther imprtant cmpnent f physical security are the supprting envirnmental security cntrls in place. Specifically, envirnmental security elements are the essential measures utilized t prtect physical surrundings frm damaging elements, such as fire, water, smke, electrical surges, spikes, and utages, alng with any ther hidden dangers. Envirnmental safeguards are critical in that they - alng with physical security, ensure the safety f the emplyees, cmpany prperty, and all ther pertinent physical elements near the facility. The subsequent Physical Security & Envirnmental Security plicy and prcedures dcument includes all necessary measures fr ensuring adequate safeguards are in place at all facilities cnsidered critical frm an rganizatinal perspective. The scpe f this plicy and prcedure dcument includes the fllwing types f facilities: Crprate ffice and reginal, satellite ffices. Data centers, c-lcatin facilities, and managed service prviders, dcument strage prviders, warehuses, etc. Any ther physical facility fr which the subsequent plicy, prcedures, and checklists culd be adapted t, and ultimately used fr.

2 Physical Security & Envirnmental Security Plicy and Prcedures Title [cmpany name] Physical Security & Envirnmental Security Plicy and Prcedures Versin Versin 1.0 Date Language Individual and/r Department Respnsible fr Distributin f Dcument Individual and/ r Department Respnsible fr Timely Update f Dcument Develped by: Subject Apprval Date Purpse f Dcument TBD English [cmpany name] Infrmatin Technlgy Department [name and title] [cmpany name] Use f Sftware TBD T implement cmprehensive Physical Security & Envirnmental Security plicies, prcedures, and practices whereby all emplyees and ther intended parties are readily aware f the rganizatin s Physical Security & Envirnmental Security plicies. Distributin f Dcument Disbursed t all emplyees f [cmpany name] and available by request t all ther intended parties.

3 1.0 Overview In accrdance with mandated rganizatinal security requirements set frth and apprved by management, [cmpany name] has established a frmal Physical Security & Envirnmental Security plicy and supprting prcedures. This plicy is t be implemented immediately alng with all relevant and applicable prcedures. Additinally, this plicy is t be evaluated n a(n) [annual, semi-annual, quarterly] basis fr ensuring its adequacy and relevancy regarding [cmpany name]'s needs and gals. 1.0 Purpse This plicy and supprting prcedures are designed t prvide [cmpany name] with a dcumented and frmalized Physical Security & Envirnmental Security plicy that is t be adhered t and utilized thrughut the rganizatin at all times. Cmpliance with the stated plicy and supprting prcedures helps ensure the safety and security f the [cmpany name] I.T. system resurces and all supprting assets. Assets are defined as the fllwing: Smething that is deemed t be tangible r intangible and that is capable f being wned, perated, maintained, and cntrlled t prduce a stated value. 1.0 Scpe This plicy and supprting prcedures encmpasses all system resurces and supprting assets that are wned, perated, maintained, and cntrlled by [cmpany name] and all ther system resurces, bth internally and externally, that interact with these systems. Internal system resurces are thse wned, perated, maintained, and cntrlled by [cmpany name] and include all netwrk devices (firewalls, ruters, switches, lad balancers, ther netwrk devices), servers (and the perating systems and applicatins that reside n them, bth physical and virtual servers) and any ther system resurces and supprting assets deemed in scpe. External system resurces are thse wned, perated, maintained, and cntrlled by any entity ther than [cmpany name], but fr which these very resurces may impact the cnfidentiality, integrity, and availability (CIA) f [cmpany name] system resurces and supprting assets. 1.0 Plicy [Cmpany name] is t ensure that the Physical Security & Envirnmental Security plicy adheres t the fllwing cnditins fr purpses f cmplying with the mandated rganizatinal security requirements set frth and apprved by management: Cnstructin The applicable facilities are t be cnstructed in a manner that ensures the adequate prtectin f all [cmpany name] system resurces and supprting assets. Specifically, this requires that the fllwing elements meet and/r exceed all lcal, state, federal and cuntry regin specific mandated guidelines pertaining t cnstructin f a cmmercial facility: Designed and built with the use f apprved architectural, mechanical, electrical and/r engineering drawings. Safe and secure fundatin and fting that meets all stated zning requirements.

4 Prper utilities in place, such as sewer, water, gas, electric, fire prtectin fire preventin, and ther applicable utilities as warranted. Apprpriate insurance in place, such as general liability, wrkers cmpensatin, and ther applicable insurance cverage. Architecturally and structurally sufficient t meet all needs f [cmpany name]. If necessary, authrized persnnel within [cmpany name] are t cntact the apprpriate party fr cnfirmatin f the afrementined elements. Physical Security Prtectin Measures The applicable facilities are t have adequate physical prtectin measures in place cnsisting f the fllwing elements, as applicable: Lcatin: Gegraphically lcated in a secure area, with apprpriate markings and indicatins cmmensurate with its use. Nte: Sme facilities require clear identificatin as t what they are and their purpse, while thers facilities deliberately hide their identificatin. Ultimately, this determinatin is t be made by management f the applicable facility. Cnstructin: Slid cnstructin with minimal r n physical penings that culd weaken the physical structure and/r allw unauthrized access. Additinally, all drs and main entry and egress pints (windws, bay drs, rf entry pints, undergrund access pints, shipping and receiving entry areas, etc.) are t be deemed f adequate physical cnstructin. Physical Barricades: Physical elements that serve as barricades fr prtecting the physical grunds. This is a requirement fr any data center r c-lcatin facility fr which [cmpany name] system resurces and supprting assets reside in. Additinally, apprpriate gates, fences and ther physical devices are t be utilized as necessary. Access Cntrl Prtectin: One r mre f the fllwing prtectin measures regarding physical access: Electrnic Access Cntrl (ACS), bimetrics (i.e., iris, palm reader, facial recgnitin), and/r traditinal lck-and-key measures. Nte: Fr any windws, bay drs, rf entry pints, undergrund access pints, shipping and receiving entry areas, and any ther entry and egress areas that d nt utilize ACS, bimetrics, r lck-and-key, they are t be secured with adequate prtectin measures, such as using internal lcks, latches, r ther apprved devices r mechanisms. Additinally, all access cntrl pints are t be securely clsed and lcked when nt in use r are unattended. Access via Electrnic Access Cntrl (ACS), and bimetrics (i.e., iris, palm reader, facial recgnitin) is nly granted t authrized individuals - thse wh have gne thrugh the prper prvisining prcess. Custmer Infrmatin: An imprtant cmpnent f ensuring that adequate physical security prtectin measures are in place is keeping track f all persnnel that enter and leave a facility. Thus, all critical custmer infrmatin, such as vital statistical infrmatin (i.e., name, cmpany affiliatin, cntact infrmatin, date and time f entrance and departure, etc.) is t be captured, recrded, stred, and archived.

5 Manned Access Cntrl Pints: Fr areas where individuals enter, register, and leave the applicable facility, actual persnnel are t be statined fr aiding and facilitating these prcesses. Additinally, visitr and emplyee prvisining and de-prvisining systems are t be in place that dcuments all essential access infrmatin. Placing f Equipment: Fr all system resurces and supprting assets lcated at a facility that handles (i.e., string, prcessing and/r transmitting) sensitive data, they shuld be lcated in physically secure areas, and islated as necessary, t avid unauthrized access. Additinally, cntrls are t be in place fr helping minimize the many physical and envirnmental threats as discussed thrughut this stated plicy and prcedures dcument. Vegetatin All vegetatin (i.e., grass, shrubs, plants, etc.) is t be apprpriately maintained at all time by either a licensed, bnded, and insured landscaping cmpany r by [cmpany name] landscape persnnel. Adequate maintenance f vegetatin nt nly imprves the appearance f a facility, it als ensures that intruders r ther suspicius peple r elements cannt cnceal themselves as easily. Security Alarm System A security alarm system is t be in place, peratinal at all applicable times as necessary, hard-wired and wireless mnitring (where applicable) fr all entry and egress pints thrughut the facility, and ther areas deemed vulnerable. Additinally, respnse and reslutin services fr the security alarm are t be a licensed, bnded, and insured third-party security alarm cmpany and/r lcal plice. Mrever, an apprpriate party at [cmpany name] is t be immediately ntified anytime an alarm has passed its maximum threshld whereby the third-party security alarm cmpany and/r the lcal plice have been cntacted. Alarm Pints Bth hard-wired cntact pints and wireless-alarm pints (where applicable) are t be utilized fr ensuring the security alarm system is cnnected t all critical entry and egress pints thrughut the facility and ther areas deemed vulnerable. The use f glass breakers, mtin detectrs, vice recgnitin elements, if used, are t be tied int the security alarm system using apprved measures. Cameras Mnitring Surveillance Recrding Archival Cameras are t be strategically placed thrughut the facility as deemed necessary and capable f capturing and recrding all activity. Additinally, this requires the use f mnitring devices whereby authrized persnnel can view all activity in real-time, while als recrding such activity. During nnbusiness hurs r when persnnel are nt available fr real-time viewing, recrding is t be in place that allws fr capturing any activity. Mrever, archival measure are t be in place (minimum f 90 days) fr retentin f data caught n camera. Threat Cnditins Plicy Because f the grwing threats facing rganizatins, a threat cnditins plicy is t be in place which cnsists f dcumented respnses and initiatives t undertake in the event f an actual threat. This may include, but is nt limited, t the fllwing: Threats f terrrism r hstage situatins.

6 Physical r envirnmental cnditins resulting in the structural integrity f a facility being cmprmised which culd ultimately endanger the lives f all ccupants. Pwer utages, utility issues. Technlgy threats and data cmprmises, such as Distributed Denial f Service Attacks (DDS), etc. Badge Identificatin Equipment Checks Any persns entering r leaving a facility are t be checked at anytime, and at the discretin f authrized persnnel, fr prperly identifying wh they are and fr items deemed suspicius that may be in their pssessin. Because many system resurces and supprting assets can be small in size, and als cstly, bag checks, bdy searches, pat dwns, and any ther checks deemed necessary, are t be emplyed. Remval f Prperty and Security f Equipment All prperty remved frm a facility is t be dne s with apprved methds nly, ne that allws fr dcumented prcess that recrds vital statistical infrmatin fr such prperty, whether it leaves indefinitely r is being returned at a later date (fr which it will then be required t be checked-in thrugh a dcumented prcess als). Specifically, prperty may nly be remved if apprved by authrized persnnel and is required t be returned (if applicable) under an agreeable and predetermined timeframe. Additinally, prperty, while still under the legal binding wnership f the applicable facility, is t be safeguarded at all times, must adhere t manufacture's perating plicies (if applicable), with apprpriate insurance in place fr prtecting such prperty. Cages Cabinets Vaults System resurces, such as cmputer and netwrking systems (bth the hardware sftware, and supprting assets) are t be placed in secure cages, cabinets, r vaults that meet r exceed strength, rigidity, and general safety standards as required by law and/r custmers. Additinally, physical access cntrls, such as electrnic access cntrl systems (ACS), cmbinatin lcks, punch key lcks, and/r traditinal lck and key are t be used fr prtectin f the applicable system resurces. Security Department and Security Staff As necessary, the applicable facility is t have in place a frmalized security department cnsisting f the fllwing: Operates 24x7 and is respnsible fr cntrlling and mnitring facility access and ensuring cmpliance with access prcedures. Is respnsible fr cntrlling the mvement f materials taken ut f the facility main entry and exit pints, issuing pht id access badges and visitr badges and retrieving them als, alng with administering the cmputerized access cntrl system t permit and terminate access. Dedicated n-site security staff 24x7 wh are respnsible fr prper peratins and maintenance f the physical security systems, lss preventin, material mvement, and security plicy and prcedures cmpliance. Dedicated n-site security staff 24x7 wh perfrm the fllwing functins: Respnse and reslutin t security alarms. Custmer assistance fr cage lckuts and escrts. Scheduled and unscheduled security inspectins.

7 Enfrcement f n fd r drinks in certain areas. Enfrcement f n unauthrized phtgraphy plicy. Fire and safety patrl inspectins. Mnitr intrusin security alarm systems. Dispatch mbile security fficers t emergencies. Mnitring t prevent unauthrized access, such as tailgating. Assist all individuals wh have authrized access t enter the facility. Cntrlling access t the data center by cnfirming identity. Issue and retrieve access badges. Respnd t telephne and radi cmmunicatins. Lcal Law Enfrcement Cntact Infrmatin The psting f lcal law enfrcement cntact infrmatin (ther than 911 r ther emergency numbers) is t be in place whereby authrized persnnel can cntact authrities as necessary. This infrmatin shuld be made available t security staff and psted accrdingly in an area where it can be easily viewed by such security staff (such as their security rm). Mantrap Mantraps, which are cmmn in any facility that require entrance int sensitive areas, are t be used as necessary. This ften includes facilities such as data center, c-lcatin entities, managed services prviders and ther related entities. Facility Access Only authrized persnnel (i.e., emplyees, visitrs, cntractrs, and ther third party.) are allwed access t the applicable facility, with ne's access rights cmmensurate fr his her rles and respnsibilities. Additinally, a dcumented identificatin, prvisining and de-prvisining prcess and related prcedures are t be in place cnsisting f the fllwing measures: The use f a sftware utility, ticketing system, in cnjunctin with a hard-cpy lg reprt that captures all vital statistical access rights infrmatin, such as full name, cntact infrmatin, cmpany affiliatin, alng with date and time f entry and departure t and frm the facility, and any ther vital statistical infrmatin. Fr individuals wh have been granted an actual access cntrl badge - thus allwing t bypass many f the prvisining steps in place fr visitrs, cntractrs, and ther third party individuals - the sftware utility that allws access is t be reviewed n a regular basis. The regular review is t ensure that all terminated users d nt have access and access fr current users is cmmensurate with their rles and respnsibilities. Assignment f badge, card reader, r sme f ther clearly labeled frm f visible identificatin that indicates the type f persnnel they are (i.e., emplyees, visitrs, cntractrs, and ther third party), the type f access, duratin f access (if applicable). Nte: The requirement fr a "clearly labeled frm f visible identificatin" prevents unauthrized access and allws anyne within the facility t identify unescrted visitrs, ultimately helping in determining if access cntrls have been breached. Thus, visitrs, cntractrs, and ther third party individuals are t be escrted at all times, when applicable.

8 Fr areas deemed restricted, sensitive, classified, r any ther designatin whereby access is allwed nly t select, authrized persnnel, additinal access cntrl measures are t be in place (i.e., tw-factr authenticatin, bimetrics, etc.) fr prtecting [cmpany name]'s system resurces and supprting assets. Because many facilities have shipping, receiving, delivery, and lading areas that are used n a daily basis, these areas are t have secure access cntrl mechanisms in place, such as thse described earlier under "Physical Security Prtectin Measures." Additinally, fr facilities that have shipping, receiving, delivery, and lading areas, the fllwing prvisins are t be in place: Access restricted t authrized persnnel. Areas that are cnfined fr nly their applicable use, with n access allwed t ther parts f the facility withut undertaking prcess access cntrl measures. Incming and utging gds and prducts are t be inspected, tagged and labeled accrdingly, recrded, and registered with an apprved methd. Gds and prducts arriving at the facility are t be stred in designated areas, such as bins, hlding rms, r sme ther type f apprved methd. Gds and prducts leaving the facility are t have crrect transprtatin labels n them, and are t be stred in designated areas befre being picked up. All gds and prducts entering and leaving the facility are t be physically inspected fr any pssible security threats. Fr a facility that receives gd and prducts fr a custmer, a ntificatin prcess is t be in place whereby custmers are immediately cntacted and infrmed f packages. The entire identificatin, prvisining, and de-prvisining prcess is t be recrded and archived fr purpses f prducing audit recrds as needed, such as fr access cntrl breaches, daily peratinal review activities, and fr regulatry cmpliance requirements. Access Cntrl System Access cntrl systems, while imprtant fr physical security prtectin measures, ultimately ensure that nly authrized individuals have access t a particular facility, with access rights being cmmensurate with ne's rles and respnsibilities. As such, access cntrl systems are t be prvisined and deplyed fr any area requiring physical access int a facility - r within the facility - access t additinal areas. Additinally, the access cntrl systems are t be maintained by authrized individuals nly. Bimetrics Bimetrics, while als imprtant fr physical security prtectin measures, ultimately ensure that nly authrized individuals have access t a particular facility, with access rights being cmmensurate with ne's rles and respnsibilities. As such, bimetric devices are t be prvisined and deplyed fr any area requiring physical access int a facility - r within the facility - access t additinal areas. Additinally, the bimetric devices are t be maintained by authrized individuals nly. Example f bimetrics include, but are nt limited, t the fllwing: Fingerprint and Palm Readers Vice Recgnitin

9

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

Key Steps for Organizations in Responding to Privacy Breaches

Key Steps for Organizations in Responding to Privacy Breaches Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Chapter 7 Business Continuity and Risk Management

Chapter 7 Business Continuity and Risk Management Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity

More information

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance

More information

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015

A96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY

More information

Environmental, Health & Safety Management System (EMS) Documents and Records Management Procedure

Environmental, Health & Safety Management System (EMS) Documents and Records Management Procedure Envirnmental, Health & Safety Management System (EMS) Dcument N.: 01005 Revisin N.: 10 Dcuments and Recrds Management Prcedure Revised: 03/06/2015 Reviewed: 01/26/2015 Prepared By: Liske, Kurt Apprved

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

Unified Infrastructure/Organization Computer System/Software Use Policy

Unified Infrastructure/Organization Computer System/Software Use Policy Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help

More information

Information Security Incident Response Plan

Information Security Incident Response Plan Infrmatin Security Incident Respnse Plan Agency: Date: Cntact: 1 TABLE OF CONTENTS Intrductin... 3 Authrity... 4 Terms and Definitins... 4 Rles and Respnsibilities... 5 Prgram... 6 Educatin and Awareness...

More information

Guidelines for Custodians

Guidelines for Custodians Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information.

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information. POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss

More information

Christchurch Polytechnic Institute of Technology Access Control Security Standard

Christchurch Polytechnic Institute of Technology Access Control Security Standard CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin

More information

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1 Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

Description of Colocation Centre, Scope of Services

Description of Colocation Centre, Scope of Services audimex Hsting Descriptin f Clcatin Centre, Scpe f Services Status: 26.10.2012 Chairman f the Supervisry Bard: Alexander Schmitz-Elsen, Managing Directrs: Dr. Stefan Berchtld, Markus Hövermann, audimex

More information

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act

More information

CHANGE MANAGEMENT STANDARD

CHANGE MANAGEMENT STANDARD The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the

More information

REQUEST FOR PROPOSAL SECURITY SERVICES

REQUEST FOR PROPOSAL SECURITY SERVICES REQUEST FOR PROPOSAL SECURITY SERVICES Sectin I INTRODUCTION [Cmpany] is seeking prpsals frm qualified Cntractrs t prvide unifrmed security service fr [Cmpany] facilities at [Lcatin(s)]. This dcument is

More information

Houston Controls, Inc Safety Management System

Houston Controls, Inc Safety Management System Hustn Cntrls, Inc Dc N: Revisin Date: 3/16/2011 Revisin N. 1 Next Revisin Date: 3/16/2012 Preparatin: Safety Mgr Authrity: Dennis Jhnstn Issuing Dept: Safety Page: Page 1 f 11 Purpse The purpse f this

More information

Process for Responding to Privacy Breaches

Process for Responding to Privacy Breaches Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK

PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Department f Health and Human Services OFFICE OF INSPECTOR GENERAL PENETRATION TEST OF THE INDIAN HEALTH SERVICE S COMPUTER NETWORK Inquiries abut this reprt may be addressed t the Office f Public Affairs

More information

How closely does your development follow HUD s Guidance on IPM? Complete the following checklist to assessment your pest management program.

How closely does your development follow HUD s Guidance on IPM? Complete the following checklist to assessment your pest management program. 1. Cmmunicate Plicies Cmmunicate wnership/ management s IPM plicies and prcedures t: All building ccupants Administrative staff Maintenance persnnel Cntractrs. Written pest cntrl plicy in place. Plicy

More information

Remote Working (Policy & Procedure)

Remote Working (Policy & Procedure) Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

DisplayNote Technologies Limited Data Protection Policy July 2014

DisplayNote Technologies Limited Data Protection Policy July 2014 DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f

More information

DATE APPROVED March 2011. Version Date Comments / Changes 1.0 March 2011 Initial policy released

DATE APPROVED March 2011. Version Date Comments / Changes 1.0 March 2011 Initial policy released Page 1 f 11 APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial plicy released 1. PURPOSE OF THIS POLICY T define the purpses fr which Crprate Purchase Cards are t be used

More information

First Global Data Corp.

First Global Data Corp. First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First

More information

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010 OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity

More information

White Paper for Mobile Workforce Management and Monitoring Copyright 2014 by Patrol-IT Inc. www.patrol-it.com

White Paper for Mobile Workforce Management and Monitoring Copyright 2014 by Patrol-IT Inc. www.patrol-it.com White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm 2

More information

Helicopter Landing Sites Planning, Implementation and Management

Helicopter Landing Sites Planning, Implementation and Management Directive # QH-HSD-039:2013 Effective Date: 01 July 2013 Review Date: 01 July 2016 Supersedes: Nil Landing Sites Planning, Implementatin and Management Purpse The purpse f this Health Service Directive

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

In-House Counsel Day Priorities for 2012. Cloud Computing the benefits, potential risks and security for the future

In-House Counsel Day Priorities for 2012. Cloud Computing the benefits, potential risks and security for the future In-Huse Cunsel Day Pririties fr 2012 Clud Cmputing the benefits, ptential risks and security fr the future Presented by David Richardsn Thursday 1 March 2012 WIN: What in-huse lawyers need Knwledge, supprt

More information

DISASTER RECOVERY PLAN TEMPLATE

DISASTER RECOVERY PLAN TEMPLATE www.disasterrecveryplantemplate.rg The bjective f a disaster recvery plan is t ensure that yu can respnd t a disaster r ther emergency that affects infrmatin systems and minimize the effect n the peratin

More information

ensure that all users understand how mobile phones supplied by the council should and should not be used.

ensure that all users understand how mobile phones supplied by the council should and should not be used. Mbile Phne Plicy & Guidance Intrductin This plicy is designed t safeguard bth the cuncil and users f mbile phnes supplied by Angus Cuncil. It aims t ensure that these are used effectively, fr their intended

More information

Completing the CMDB Circle: Asset Management with Barcode Scanning

Completing the CMDB Circle: Asset Management with Barcode Scanning Cmpleting the CMDB Circle: Asset Management with Barcde Scanning WHITE PAPER The Value f Barcding Tday, barcdes are n just abut everything manufactured and are used fr asset tracking and identificatin

More information

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and

More information

Sources of Federal Government and Employee Information

Sources of Federal Government and Employee Information Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

Malpractice and Maladministration Policy

Malpractice and Maladministration Policy TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

RSA SecurID Software Token Security Best Practices Guide. Version 3

RSA SecurID Software Token Security Best Practices Guide. Version 3 RSA SecurID Sftware Tken Security Best Practices Guide Versin 3 Cntact Infrmatin G t the RSA crprate web site fr reginal Custmer Supprt telephne and fax numbers: www.rsa.cm. Trademarks RSA, the RSA Lg

More information

SaaS Listing CA Cloud Service Management

SaaS Listing CA Cloud Service Management SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters

More information

State of Wisconsin. File Server Service Service Offering Definition

State of Wisconsin. File Server Service Service Offering Definition State f Wiscnsin File Server Service Service Offering Definitin Dcument Revisin Histry Date Versin Creatr Ntes 2/16/2008 1.0 JD Urfer First pass 2/16/2008 2.0 Tm Runge Editing changes 2/19/2009 2.1 Tm

More information

Tree Permit Process Intake: (A) (B) (C) (D) (A combination of checklists may be applicable depending on the scope of work) Review:

Tree Permit Process Intake: (A) (B) (C) (D) (A combination of checklists may be applicable depending on the scope of work) Review: Tree Permit Prcess Intake: 1. Applicants may btain the Tree Permit Applicatins frm the Envirnmental Resurces Divisin in the Planning and Zning Department lcated at 444 SW 2 nd Avenue, 3 rd Flr, Miami,

More information

State of California California Technology Agency. Software Management Plan Guidelines

State of California California Technology Agency. Software Management Plan Guidelines State f Califrnia Califrnia Technlgy Agency Sftware Management Plan Guidelines Revised April 2011 Sectin 1 1.0 Overview INTRODUCTION TO SOFTWARE MANAGEMENT PLANNING The State Administrative Manual (SAM)

More information

Information Security Policy

Information Security Policy Purpse The risk t Charlestn Suthern University, its emplyees and students frm data lss and identity theft is f significant cncern t the University and can be reduced nly thrugh the cmbined effrts f every

More information

Service List / Options

Service List / Options Service List / Optins Ontari Envirnmental & Safety Netwrk Ltd. 184 Sctt Street, St. Catharines, ON www.esn.net 1-888-271-2111 Water Twer, Bridge and Ship Restratin Lead Health and Safety Plan Drawings

More information

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S

Service Level Agreement (SLA) Hosted Products. Netop Business Solutions A/S Service Level Agreement (SLA) Hsted Prducts Netp Business Slutins A/S Cntents 1 Service Level Agreement... 3 2 Supprt Services... 3 3 Incident Management... 3 3.1 Requesting service r submitting incidents...

More information

In addition to assisting with the disaster planning process, it is hoped this document will also::

In addition to assisting with the disaster planning process, it is hoped this document will also:: First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business

More information

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents

More information

CMS Eligibility Requirements Checklist for MSSP ACO Participation

CMS Eligibility Requirements Checklist for MSSP ACO Participation ATTACHMENT 1 CMS Eligibility Requirements Checklist fr MSSP ACO Participatin 1. General Eligibility Requirements ACO participants wrk tgether t manage and crdinate care fr Medicare fee-fr-service beneficiaries.

More information

Advanced SaaS Security Measures

Advanced SaaS Security Measures BlueTie Business Email White Paper Advanced SaaS Security Measures Overview f BlueTie Security BlueTie, Inc. 220 Kenneth Drive Rchester, NY 14623 USA (800) BLUE TIE www.bluetie.cm TABLE OF CONTENTS Abstract...

More information

Rule 4-004I Payment Card Industry (PCI) Virus and Vulnerability Management (proposed)

Rule 4-004I Payment Card Industry (PCI) Virus and Vulnerability Management (proposed) Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004I Payment Card Industry (PCI) Virus and Vulnerability Management (prpsed) 01.1 Purpse The

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,

More information

IMHU-HRM-A February 15, 2012 PAI SOP. Ft. Huachuca Personnel Asset Inventory - SOP

IMHU-HRM-A February 15, 2012 PAI SOP. Ft. Huachuca Personnel Asset Inventory - SOP Ft. Huachuca Persnnel Asset Inventry - SOP I. Respnsible agencies are: Unit Battalin r separate cmpany S1 (S1) Brigade S1 Military Persnnel Divisin (MPD) Persnnel Autmatin Sectin (PAS) G1, AG, Military

More information

nbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents.

nbn is committed to identifying hazards, preventing workplace accidents and minimising dangerous health safety and environment incidents. Incident & Hazard Reprting Overview At nbn we are safe, disciplined and reliable. nbn is cmmitted t preventing injury, illness and envirnmental harm by prviding a safe and healthy wrking envirnment fr

More information

We will record and prepare documents based off the information presented

We will record and prepare documents based off the information presented Dear Client: We appreciate the pprtunity f wrking with yu regarding yur Payrll needs. T ensure a cmplete understanding between us, we are setting frth the pertinent infrmatin abut the services that we

More information

A Comparison of UK and Chinese Broking Regulation

A Comparison of UK and Chinese Broking Regulation A Cmparisn f UK and Chinese Brking Regulatin David Cupe Partner +44 (0)203 553 4884 david.cupe@ec3legal.cm The fllwing tables are a cmparisn f UK and Chinese brking regulatins including the Llyd s regulatins.

More information

Addressing Drug and Device Recalls in Hospitals

Addressing Drug and Device Recalls in Hospitals Addressing Drug and Device Recalls in Hspitals Develped by participants at the meetings f the Califrnia State Bard f Pharmacy s Subcmmittee t Evaluate Drug Distributin in Hspitals January 2010 BOARD MEMBERS

More information

NHVAS Mass Management Spot Check Checklist

NHVAS Mass Management Spot Check Checklist Legal Entity Name f NHVAS Operatr: DTMR Representative: Lcatin: NHVAS Mass Management Spt Check Checklist Spt Check Date: Spt Check Number: DMS Number: 540/ The fllwing surces f evidence have been identified

More information

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5 Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet

More information

NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY

NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY 1 DOCUMENT CONTROL SHEET Name f Dcument: Safehaven Plicy Versin: 1 File Lcatin / Dcument Name: Held by Senir Infrmatin Risk Owner (SIRO):

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal

More information

IT Help Desk Service Level Expectations Revised: 01/09/2012

IT Help Desk Service Level Expectations Revised: 01/09/2012 IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+

More information

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021

Multi-Year Accessibility Policy and Plan for NSF Canada and NSF International Strategic Registrations Canada Company, 2014-2021 Multi-Year Accessibility Plicy and Plan fr NSF Canada and NSF Internatinal Strategic Registratins Canada Cmpany, 2014-2021 This 2014-21 accessibility plan utlines the plicies and actins that NSF Canada

More information

RSA Authentication Manager 5.2 and 6.1 Security Best Practices Guide. Version5

RSA Authentication Manager 5.2 and 6.1 Security Best Practices Guide. Version5 RSA Authenticatin Manager 5.2 and 6.1 Security Best Practices Guide Versin5 Cntact Infrmatin G t the RSA crprate web site fr reginal Custmer Supprt telephne and fax numbers: www.rsa.cm. Trademarks RSA,

More information

Electronic Health Information Exchange. Volume 3: Business Rules General All Points of Service

Electronic Health Information Exchange. Volume 3: Business Rules General All Points of Service British Clumbia Prfessinal and Sftware Cnfrmance Standards Electrnic Health Infrmatin Exchange Vlume 3: Business Rules General All Pints f Service Versin 0.2 2014-11-24 Security Classificatin: Lw Sensitivity

More information

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy WHAT YOU NEED TO KNOW ABOUT Prtecting yur Privacy YOUR PRIVACY IS OUR PRIORITY Credit unins have a histry f respecting the privacy f ur members and custmers. Yur Bard f Directrs has adpted the Credit Unin

More information

What Information Is Collected and How Is It Collected?

What Information Is Collected and How Is It Collected? RCI PRIVACY NOTICE RCI Pacific Pty Ltd is cncerned abut privacy issues and wants yu t be familiar with hw we cllect, use and disclse infrmatin. This Privacy Ntice describes ur practices in cnnectin with

More information

State Fleet Card Oversight Usage and Responsibilities

State Fleet Card Oversight Usage and Responsibilities State Fleet Card Oversight Usage and Respnsibilities Intrductin The Department f General Services (DGS), Office f Fleet and Asset Management (OFAM) administers a statewide ne-prvider payment system cntract

More information

TOWN OF PAYSON WATER DEPARTMENT BACKFLOW PREVENTION PROGRAM CUSTOMER INFORMATION PACKAGE

TOWN OF PAYSON WATER DEPARTMENT BACKFLOW PREVENTION PROGRAM CUSTOMER INFORMATION PACKAGE TOWN OF PAYSON WATER DEPARTMENT BACKFLOW PREVENTION PROGRAM CUSTOMER INFORMATION PACKAGE TOWN OF PAYSON Backflw Preventin Prgram Develpers, Cntractrs and Paysn Residents: An apprved backflw preventin assembly

More information

CUSTOMER Information Security Audit Report

CUSTOMER Information Security Audit Report CUSTOMER Infrmatin Security Audit Reprt Versin 1.0 Date Wednesday, 18 January 2006 SafeCms Internet: www.safecms.cm Email: mailt:inf@safecms.cm 2001 Chartered Square Building. 20 th Fl, 152 Nrth Sathrn

More information

Eligibility to Operate Company Vehicle

Eligibility to Operate Company Vehicle COMPANY VEHICLE POLICY Plicy The purpse f this Plicy is t ensure the safety f thse individuals wh drive cmpany vehicles. Vehicle accidents are cstly t ur cmpany, but mre imprtantly, they may result in

More information

Name. Description. Rationale

Name. Description. Rationale Cmplliiance Cmpnentt Descriptin Ratinale Benefits List the Dmain List the Discipline List the Technlgy Area List Prduct Cmpnent Dcument the Cmpliance Cmpnent Type Cmpnent Sub-type DEEFFI INITION Hst-Based

More information

OITS Service Level Agreement

OITS Service Level Agreement OITS Service Level Agreement Objective A Service Level Agreement (SLA) describes the IT Service, dcuments Service Level Targets, and specifies the respnsibilities f the IT Service Prvider and the Custmer.

More information

Disaster Recovery and Business Continuity Plan

Disaster Recovery and Business Continuity Plan Dcument Preview This is nly a prtin f the entire, custmizable dcument. KEEP IN DISASTER RECOVERY PLAN and a cpy ff-site Disaster Recvery and Business Cntinuity Plan Fr Name f Cmpany Name Lcatin f Date

More information

A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE. Subject: Dissemination Number: CRPC Policy 5

A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE. Subject: Dissemination Number: CRPC Policy 5 A.M. BEST RATING SERVICES, INC. RATING DIVISION INTERNAL POLICY AND PROCEDURE Subject: Disseminatin Number: CRPC Plicy 5 Effective Date: Nvember 29, 2006 Revisin Date: January 04, 2016 Purpse: The purpse

More information

Employees - recruitment, records and monitoring

Employees - recruitment, records and monitoring Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,

More information

System Business Continuity Classification

System Business Continuity Classification Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required

More information

TITLE: Supplier Contracting Guidelines Process: FIN_PS_PSG_050 Replaces: Manual Sections 6.4, 7.1, 7.5, 7.6, 7.11 Effective Date: 10/1/2014 Contents

TITLE: Supplier Contracting Guidelines Process: FIN_PS_PSG_050 Replaces: Manual Sections 6.4, 7.1, 7.5, 7.6, 7.11 Effective Date: 10/1/2014 Contents TITLE: Supplier Cntracting Guidelines Prcess: FIN_PS_PSG_050 Replaces: Manual Sectins 6.4, 7.1, 7.5, 7.6, 7.11 Cntents 1 Abut university supplier cntracting... 2 2 When is a cntract required?... 2 3 Wh

More information

IT Account and Access Procedure

IT Account and Access Procedure IT Accunt and Access Prcedure Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release Table f Cntents 1.0 Overview... 1 2.0 Purpse... 1 3.0 Scpe... 1 4.0 Passwrds... 1 4.1

More information

As with any occupancy, it is essential to implement standard property loss prevention programs in your warehouse facility. These programs include:

As with any occupancy, it is essential to implement standard property loss prevention programs in your warehouse facility. These programs include: Causes include ht wrk, smking, inapprpriate cntractr actins, and arsn. Cntributing factrs include pr husekeeping, impaired fire prtectin, and inadequate respnse t fires. Implementing lss preventin prgrams

More information

ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY. Approved by Governing Body on: 6 th May 2015

ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY. Approved by Governing Body on: 6 th May 2015 ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY Gvernrs Cmmittee: Finance and General Purpses Apprved by Gverning Bdy n: 6 th May 2015 Signed: (Chair f Cmmittee) Signed: (Headteacher) Date t be

More information