ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY. Approved by Governing Body on: 6 th May 2015
|
|
- Karen Lucas
- 8 years ago
- Views:
Transcription
1 ALBAN CHURCH OF ENGLAND ACADEMY COMPUTER SECURITY POLICY Gvernrs Cmmittee: Finance and General Purpses Apprved by Gverning Bdy n: 6 th May 2015 Signed: (Chair f Cmmittee) Signed: (Headteacher) Date t be reviewed: May 2017
2 1. Physical Equipment Security COMPUTER SECURITY POLICY 1.1 Where pssible, cmputer equipment will be sited s as t reduce the risk f unauthrised access and damage. Laptp trllies t be stred in lcked ICT rms at night. 1.2 The details f all cmputer equipment will be recrded in the fficial inventry. 1.3 Cmputer hardware will be security marked as apprpriate by the ICT Technician. 1.4 A recrd will be kept by the ICT Technician f any IT equipment, excluding items cvered by the Laptp Lan Agreement, taken ff site. The remval f equipment frm the Academy s premises must be authrised by the Headteacher. 1.5 Staff allcated r having use f Academy laptps must sign a laptp lan agreement n an annual basis. 1.6 The fficers respnsible fr physical equipment security are the Headteacher and the Netwrk Manager. 2. Backup Prcedures 2.1 All data held n the Academy s server will be backed up at least nce a day, excluding weekends. 2.2 All nsite backups will be stred n the NAS Drive and will be preserved fr at least furteen wrking days. 2.3 The latest versin f the cmputer backup will be stred ff site and the nsite set f backup disks will be kept in a fire-prf cabinet when nt in use. 2.4 The fficer respnsible fr backup prcedures is the Netwrk Manager. 3. Virus Detectin 3.1 All cmputers will have virus preventin and detectin sftware installed within their start-up prcedures. The sftware shuld be updated regularly. Currently, McAfee VirusScan Enterprise 8.8 is used. Staff with Academy laptps are respnsible fr manually checking these have updated n a daily basis. 3.2 The Virus Scan checks remvable strage devices fr viruses befre use althugh the use f such strage devices is strngly discuraged 3.3 The use f unlicensed sftware is prhibited. 3.4 All sftware must be authrised by the Netwrk Manager.
3 3.5 Any perceived virus attack shuld be immediately reprted t the Netwrk Manager r ICT Technician. 3.6 The fficer respnsible fr virus detectin prcedures is the Netwrk Manager. 4. Sftware Cntrls 4.1 All sftware maintained n the Academy s cmputers must be prperly wned by the Academy. Sftware may nly be used in accrdance with the licence agreements. 4.2 All licences and system disks will be held in a lckable cupbard in the ICT Office. 4.3 An inventry f all sftware maintained n the Academy s cmputers will be kept by the ICT Technician tgether with relevant serial numbers. 4.4 Access t sftware will be restricted t authrised staff. 4.5 The Schl Manager and Netwrk Manager are the Systems Managers fr PS Financials and SIMS. They are the nly peple wh may issue passwrds and amend access levels. The Netwrk Manager is the Systems Manager fr all ther cmputer matters. 4.6 Users f the Academy s cmputer system will be issued with individual user accunts. 4.7 It shuld be ensured that passwrds are kept cnfidential. They shuld be changed if it is felt that security has been cmprmised. 4.8 Staff must lck r lg ff the cmputer system befre leaving the cmputer unattended. All machines shuld be shut dwn at the end f each day. 4.9 When staff leave, their user accunts will be deleted immediately by the Systems Manager Any suspected breach f security will be immediately reprted t the Netwrk Manager The fficer respnsible fr sftware cntrls is the Netwrk Manager. 5. Legal Obligatins 5.1 All staff shuld be made aware f the requirements and their respnsibilities in relatin t the fllwing legal statutes: 1984 Data Prtectin Act 1986 Cpyright, Designs and Patents Act (extended t cver cmputing sftware) 1990 Cmputer Misuse Act 6. Acquisitin, Maintenance and Dispsal f Hardware 6.1 The Headteacher has verall respnsibility fr the acquisitin, maintenance and dispsal f equipment.
4 6.2 Three qutatins will be btained fr items csting mre than 5000 t ensure best value. 6.3 Official rders will always be used t make any purchases. 6.4 The write ff and dispsal f equipment shuld be authrised by the Headteacher and Gverning Bdy, if apprpriate. See Appendix Acquisitin and dispsal f equipment must be in accrdance with the Academies Financial Handbk. 7. User Training 7.1 Users shuld receive apprpriate training in the crrect use f the Academy s ICT facilities including use f sftware packages and security arrangements. 8. Disaster Recvery 8.1 There will be adequate arrangements in place fr disaster recvery, including emergency prcedures, manual fallback plans and resumptin prcedures. 8.2 The fficer respnsible fr disaster recvery is the Netwrk Manager. 8.3 The Academy has adequate backup facilities t enable a restre f all data in the event f a disaster. 8.4 Server Security prcedures will be fllwed at all times. See Appendix 2
5 Appendix 1 Dispsal f Redundant ICT Equipment Plicy All redundant ICT equipment will be dispsed f thrugh an authrised agency r via a reputable Business Services dispsal scheme. This shuld include a written receipt tgether with a certificate f data destructin in accrdance with current legislatin EN 15713:2009 fr the item / items including an acceptance f respnsibility fr the destructin f any data. All redundant ICT equipment that may have held persnal data will have the strage media ver written multiple times t ensure the data is irretrievably destryed. Or if the strage media has failed it will be physically destryed. We will nly use authrised cmpanies wh will supply a written guarantee that this will happen. Dispsal f any ICT equipment will cnfrm t: The Waste Electrical and Electrnic Equipment Regulatins 2006 The Waste Electrical and Electrnic Equipment (Amendment) Regulatins Data Prtectin Act Electricity at Wrk Regulatins The Academy will maintain a cmprehensive inventry f all its ICT equipment including a recrd f dispsal. The Academy s dispsal recrd will include: Date item dispsed f Authrisatin fr dispsal, including: verificatin f sftware licensing any persnal data likely t be held n the strage media? Hw it was dispsed f eg waste, gift, sale Name f persn & / r rganisatin wh received the dispsed item * if persnal data is likely t be held the strage media will be ver written multiple times t ensure the data is irretrievably destryed. Any redundant ICT equipment being cnsidered fr sale / gift will have been subject t a recent electrical safety check and hld a valid PAT certificate. Further infrmatin available at:
6 Waste Electrical and Electrnic Equipment (WEEE) Regulatins Envirnment Agency web site Appendix 2 Servers Newly installed servers hlding persnal data shuld be encrypted, therefre passwrd prtecting data. Always keep servers in a lcked and secure envirnment Limit access rights Always passwrd prtect and lck the server Existing servers shuld have security sftware installed apprpriate t the machine s specificatin Backup tapes shuld be encrypted by apprpriate sftware Data must be backed up regularly Backup tapes/discs must be securely stred in a fireprf cntainer Backup media stred ff-site must be secure
Data Protection Policy & Procedure
Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationDisplayNote Technologies Limited Data Protection Policy July 2014
DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationRemote Working (Policy & Procedure)
Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer
More informationPersonal Data Security Breach Management Policy
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
More informationRecords management guidance 12. Disposing of Information
Recrds management guidance 12 Dispsing f Infrmatin Dispsing f Infrmatin Why dispse f recrds? T save space, time and equipment. T find the right (versin f) infrmatin quickly and efficiently. T meet bligatins
More informationTechnical Writing - TheUsers Visa (SHR User Accunt)
POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss
More informationPlus500CY Ltd. Statement on Privacy and Cookie Policy
Plus500CY Ltd. Statement n Privacy and Ckie Plicy Statement n Privacy and Ckie Plicy This website is perated by Plus500CY Ltd. ("we, us r ur"). It is ur plicy t respect the cnfidentiality f infrmatin and
More informationPOLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014
State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)
More informationData Protection Act Data security breach management
Data Prtectin Act Data security breach management The seventh data prtectin principle requires that rganisatins prcessing persnal data take apprpriate measures against unauthrised r unlawful prcessing
More informationVCU Payment Card Policy
VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this
More informationFire Safety, Procedures and Risk Assessment
Fire Safety, Prcedures and Risk Assessment Miltn Keynes Preparatry Schl PART 1: FIRE SAFETY INTRODUCTION Our pririty is t minimise the risk t life and t reduce injury by maintaining the physical fire safety
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationBLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS
BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin
More informationVersion Date Comments / Changes 1.0 January 2015 Initial Policy Released
Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance
More informationBackups and Backup Strategies
IT Security Office Versin 2.3 02/19/10 Backups and Backup Strategies IT managers need t plan fr backups in terms f time and space required. Hwever, mst mdern backup sftware can cmpress the backup files
More informationCPIT Aoraki ICT Asset and Media Security Standard
CPIT Araki Crprate Services Divisin: ICT This security standard refers t CPIT, which is the current legal name fr the new rganisatin established 1 January 2016 bringing tgether CPIT and Araki Plytechnic.
More informationNHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY
NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP SAFEHAVEN POLICY 1 DOCUMENT CONTROL SHEET Name f Dcument: Safehaven Plicy Versin: 1 File Lcatin / Dcument Name: Held by Senir Infrmatin Risk Owner (SIRO):
More informationNorwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16
Yu must read and agree t fllw the netwrk rules belw t use yur netwrk accunt r access the internet. Nrwd Public Schls makes available t students access t cmputers and the Internet. Students are expected
More informationWadham College Information Security Policy
Wadham Cllege Infrmatin Security Plicy 1. Intrductin In July 2012 the University f Oxfrd apprved its Infrmatin Security plicy that had been created t prtect the University frm serius infrmatin security
More informationMonthly All IFS files, all Libraries, security and configuration data
Server Backup Plicy Intrductin Data is ne f Banks DIH Limited s mst imprtant assets. In rder t prtect this asset frm lss r destructin, it is imperative that it be safely and securely captured, cpied, and
More informationHIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337
HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders
More informationFAYETTEVILLE STATE UNIVERSITY
FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationEmployees - recruitment, records and monitoring
Emplyees - recruitment, recrds and mnitring This guidance has been prduced t help rganisatins cmply with the Data Prtectin Act (DPA) when recruiting and emplying wrkers. It is relevant t public sectr emplyers,
More informationSources of Federal Government and Employee Information
Inf Surce Surces f Federal Gvernment and Emplyee Infrmatin Ridley Terminals Inc. TABLE OF CONTENTS General Infrmatin Intrductin t Inf Surce Backgrund Respnsibilities Institutinal Functins, Prgram and Activities
More informationUnified Infrastructure/Organization Computer System/Software Use Policy
Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help
More informationWoodstock Multimedia, INC. Software/Hardware Usage Policy
Wdstck Multimedia, INC. Sftware/Hardware Usage Plicy POLICY PURPOSE The purpse f the Wdstck Multimedia, INC. Sftware / Hardware Usage Plicy is t ensure that Wdstck Multimedia, INC. emplyees are prperly
More informationHow To Ensure Your Health Care Is Safe
Guidelines fr Custdians t assess cmpliance with the Persnal Health Infrmatin Privacy and Access Act (PHIPAA) This dcument is designed t help custdians evaluate readiness fr cmpliance with PHIPAA and t
More informationIn addition to assisting with the disaster planning process, it is hoped this document will also::
First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business
More informationHow To Ensure That The Internet Is Safe For A Health Care Worker
POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy
More informationADMINISTRATION AND FINANCE POLICIES AND PROCEDURES TABLE OF CONTENTS
CONTROL Revisin Date: 1/21/03 TABLE OF CONTENTS 10.01 OVERVIEW OF ACCOUNTING FOR INVESTMENT IN PLANT... 2 10.01.1 CURRENT POLICY... 2 10.02 INVENTORY MAINTENANCE AND CONTROL... 3 10.02.1 PROCEDURES FOR
More informationA. Early Case Assessment
Electrnic Discvery Reference Mdel Standards fr the identificatin f electrnically stred infrmatin in discvery http://www.edrm.net/resurces/standards/identificatin A. Early Case Assessment Once a triggering
More informationRUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer
RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible
More informationEA-POL-015 Enterprise Architecture - Encryption Policy
Technlgy & Infrmatin Services EA-POL-015 Enterprise ure - Encryptin Plicy Authr: Craig Duglas Date: 17 March 2015 Dcument Security Level: PUBLIC Dcument Versin: 1.0 Dcument Ref: EA-POL-015 Dcument Link:
More informationLetter of Engagement. as instructed from time to time in respect of your/the company/trusts affairs
We enclse material which sets ut: Letter f Engagement Infrmatin fr clients which lawyers are required by the New Zealand Law Sciety t prvide; and Our standard terms f engagement. Services t be prvided
More informationCorporate Standards for data quality and the collation of data for external presentation
The University f Kent Crprate Standards fr data quality and the cllatin f data fr external presentatin This paper intrduces a set f standards with the aim f safeguarding the University s psitin in published
More informationSupersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5
Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet
More informationInformation Security Policy
Infrmatin Security Plicy Last updated: 09 March 2010 Plicy Assigned t: Chief Infrmatin Officer, ICT Table f Cntents 1. Overview... 2 2. Backgrund... 2 3. Cverage... 2 4. Definitins... 3 5. Risk Assessment
More informationensure that all users understand how mobile phones supplied by the council should and should not be used.
Mbile Phne Plicy & Guidance Intrductin This plicy is designed t safeguard bth the cuncil and users f mbile phnes supplied by Angus Cuncil. It aims t ensure that these are used effectively, fr their intended
More informationLegal Issues Bulletin
Legal Issues Bulletin N. 8 reviewed May 2015 Claims fr lss f r damage t persnal prperty and use f private mtr vehicles by staff, parents and students Legal Issues Bulletin 39 - Preparatin and use f accident
More informationNHVAS Mass Management Spot Check Checklist
Legal Entity Name f NHVAS Operatr: DTMR Representative: Lcatin: NHVAS Mass Management Spt Check Checklist Spt Check Date: Spt Check Number: DMS Number: 540/ The fllwing surces f evidence have been identified
More informationIMPLEMENTATION DETAILS
Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry
More informationFAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT
FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028
More informationSchools Information and ICT Security Model Policy Reviewed November 2014
Schls Infrmatin and ICT Security Mdel Plicy Reviewed Nvember 2014 Name f schl St Jhns Cathlic Primary Date established by the Gverning Bdy... April 2015 Date fr full implementatin June 2015 Date fr Review...
More informationMalpractice and Maladministration Policy
TR340 Malpractice and Maladministratin Plicy This plicy aims t: Define malpractice and maladministratin in the cntext f CIM/CAM studying members, Accredited study centres (ASCs), examinatin centres, invigilatrs
More informationChristchurch Polytechnic Institute of Technology Access Control Security Standard
CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin
More informationTITLE: RECORDS AND INFORMATION MANAGEMENT POLICY
TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act
More informationState of California California Technology Agency. Software Management Plan Guidelines
State f Califrnia Califrnia Technlgy Agency Sftware Management Plan Guidelines Revised April 2011 Sectin 1 1.0 Overview INTRODUCTION TO SOFTWARE MANAGEMENT PLANNING The State Administrative Manual (SAM)
More informationSession 9 : Information Security and Risk
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
More informationPeratr Accreditatin and Services in Queensland
Infrmatin Bulletin PT 204/09.15 Operatr Accreditatin fr Limusine Services What is peratr accreditatin? The Transprt Operatins (Passenger Transprt) Act 1994 requires peratrs f public passenger services
More informationProcess of Setting up a New Merchant Account
Prcess f Setting up a New Merchant Accunt Table f Cntents PCI DSS... 3 Wh t cntact?... 3 Bakcgrund n PCI... 3 Why cmply?... 3 Hw t cmply?... 3 PCI DSS Scpe... 4 Des PCI DSS Apply t Me?... 4 What if I am
More informationUniversity of Kent. Quality Assurance Office Quality Assurance: Documentation Retention and Archiving Policy
Quality Assurance Office Quality Assurance: Dcumentatin Retentin and Archiving Plicy This plicy sets ut apprved dcument retentin perids in rder that Kent may meet its bligatins t students; cmply with quality
More informationFirst Global Data Corp.
First Glbal Data Crp. Privacy Plicy As f February 23, 2015 Ding business with First Glbal Data Crp. ("First Glbal", First Glbal Mney, "we" r "us", which includes First Glbal Data Crp. s subsidiary, First
More informationNYU Langone Medical Center NYU Hospitals Center NYU School of Medicine
Title: Identity Theft Prgram Effective Date: July 2009 NYU Langne Medical Center NYU Hspitals Center NYU Schl f Medicine POLICY It is the plicy f the NYU Langne Medical Center t educate and train staff
More informationSelf- certification Criteria for companies participating in the European Self- Regulatory Programme on OBA. Document version: 1.1
Self- certificatin Criteria fr cmpanies participating in the Eurpean Self- Regulatry Prgramme n OBA Dcument versin: 1.1 Date: 16 Nvember 2012 Table f cntents 1. Intrductin 3 2. Criteria fr self- certificatin
More informationHillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network
2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal
More informationNew York Institute of Technology Faculty and Staff Email Retention Policy
New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f
More informationA Comparison of UK and Chinese Broking Regulation
A Cmparisn f UK and Chinese Brking Regulatin David Cupe Partner +44 (0)203 553 4884 david.cupe@ec3legal.cm The fllwing tables are a cmparisn f UK and Chinese brking regulatins including the Llyd s regulatins.
More informationUBC Incident Response Plan V1.5
UBC Incident Respnse Plan V1.5 Cntents 1. Ratinale... 2 2. Objective... 2 3. Applicatin... 2 4. Reprting a Cmputer Security Incident... 2 5. Managing the Security Incident... 2 5.1. All Incidents... 2
More informationTexas Woman's University University Policy Manual
Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September
More informationDaventry District Council Corporate Debt Policy. April 6 th 2014
Daventry District Cuncil Crprate Debt Plicy April 6 th 2014 Reprt Reference: SG.160212/9 Page 53 Intrductin The key aim f this plicy is t ensure a prfessinal, cnsistent and timely apprach t the recvery
More informationImmaculate Conception School, Prince George Bring Your Own Device Policy for Students
Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,
More informationCPIT Aoraki Communications and Operations Management
This security standard refers t CPIT, which is the current legal name fr the new rganisatin established 1 January 2016 bringing tgether CPIT and Araki Plytechnic. Knwn as CPIT Araki the new rganisatin
More informationKey Steps for Organizations in Responding to Privacy Breaches
Key Steps fr Organizatins in Respnding t Privacy Breaches Purpse The purpse f this dcument is t prvide guidance t private sectr rganizatins, bth small and large, when a privacy breach ccurs. Organizatins
More informationProcess for Responding to Privacy Breaches
Prcess fr Respnding t Privacy Breaches 1. Purpse 1.1 This dcument sets ut the steps that ministries must fllw when respnding t a privacy breach. It must be read in cnjunctin with the Infrmatin Incident
More information5.2.1 Passwords. Information Technology Policy. Policy. Purpose. Policy Statement. Applicability of this Policy
Infrmatin Technlgy Plicy 5.2.1 Passwrds Plicy Area: 5.2 Security Title: 5.2.1 Passwrds Issued by: Assistant Vice-President/CIO, ITS Date Issued: 2006 July 24 Last Revisin Date: 2011 Octber 19 Apprved by:
More informationOnline Banking Agreement
Online Banking Agreement 1. General This Online Banking Agreement, which may be amended frm time t time by us (this "Agreement"), fr accessing yur Clrad Federal Savings Bank accunt(s) via the Internet
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationTHE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM
THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant
More informationFinance, Performance and Risk Committee 2014/2015
Finance, Perfrmance and Risk Cmmittee 2014/2015 Date f Meeting: 17 December 2014 Agenda Item: Click here t enter text. Subject: Infrmatin Gvernance Plicy Reprting Officer: Paul Byrne Lead IG Manager Aim
More informationLINCOLNSHIRE POLICE Policy Document
LINCOLNSHIRE POLICE Plicy Dcument 1. POLICY IDENTIFICATION PAGE POLICY TITLE: ICT CHANGE & RELEASE MANAGEMENT POLICY POLICY REFERENCE NO: PD 186 POLICY OWNERSHIP: ACPO Cmmissining Officer: Prtfli / Business-area
More informationChapter 7 Business Continuity and Risk Management
Chapter 7 Business Cntinuity and Risk Management Sectin 01 Business Cntinuity Management 070101 Initiating the Business Cntinuity Plan (BCP) Purpse: T establish the apprpriate level f business cntinuity
More informationCorporate Credit Card Policy
Plicy N: 13 Crprate Credit Card Plicy CONTROL: Plicy Type: Authrised by: Head f Pwer: Financial Cuncil Nt Applicable Respnsible Officer: Crprate and Cmmunity Manager Respnsibilities: Review and implement
More informationIT Help Desk Service Level Expectations Revised: 01/09/2012
IT Help Desk Service Level Expectatins Revised: 01/09/2012 Overview The IT Help Desk team cnsists f six (6) full time emplyees and fifteen (15) part time student emplyees. This team prvides supprt fr 25,000+
More informationCOMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE
COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE COMPLIANCE WITH THE FEDERAL TRADE COMMISSION S SAFEGUARDS RULE Mst dealers are familiar with the requirements f the Gramm-Leach-Bliley Act
More informationUMZIMVUBU LOCAL MUNICIPALITY
UMZIMVUBU LOCAL MUNICIPALITY INVENTORY / STOCK MANAGEMENT POLICY 1 DESCRIPTIONS PAGE 1. BACKGROUND 3 2. PURPOSE 3 3. OBJECTIVES 3 4. LEGISLATIVE FRAMEWORK 3 5. DEFINITIONS 4 6. REPLENISHMENT OF STOCK 5
More informationService Level Agreement
Template SDSU-TPL-11085 v1.3 18/1/11 IT Services Service Level Agreement Staff Email and SMTP Accunts (EMSF) Versin: 0.1 01/11/2010 Service Level Agreement: Staff Email and SMTP Accunts (EMSF) Cntents
More informationTo clarify terms used within these policies, the following definitions are provided:
Baker University Email Plicy E-mail services are prvided t the Baker cmmunity in supprt f the educatinal missin f the University and the administrative functins t carry ut that missin. Users f Baker e-mail
More informationIMPLEMENTATION DETAILS
Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationInformation & Communications Technology ICT Security Compliance Guide (Student)
Infrmatin & Cmmunicatins Technlgy ICT Security Cmpliance Guide (Student) RESTRICTED Dcument ID: ICT-SSG Versin 1.1 Effective Date 1 Nv 2011 Dcument Cntrl Revisin Histry Versin Date Descriptin Authr 1.0
More informationHelp Desk Level Competencies
Help Desk Level Cmpetencies Level 1 Take user calls and manage truble tickets Ability t staff and manage the rganizatins helpdesk and effectively respnd t rutine custmer calls Ability t use prper grammar
More informationNational Australia Bank Limited Group Disclosure & External Communications Policy
Natinal Australia Bank Limited Grup Disclsure & External Cmmunicatins Plicy Grup Disclsure & External Cmmunicatins Plicy Page 2 f 7 Grup Disclsure & External Cmmunicatins Plicy ( the Plicy ) 1. Overview
More informationUnderstand Business Continuity
Understand Business Cntinuity Lessn Overview In this lessn, yu will learn abut: Business cntinuity Data redundancy Data availability Disaster recvery Anticipatry Set What methds can be emplyed by a system
More informationISMF Standard 141 Endpoint Protection. OCIO/S4.6 Government standard on cyber security
ISMF Standard 141 OCIO/S4.6 Gvernment standard n cyber security Prepared by: Office f the Chief Infrmatin Officer Versin: v1.0 Date: 12 September 2014 GOVERNMENT STANDARD ON CYBER SECURITY OCIO/S4.6 Cnfidentiality:
More informationCloud-based File Sharing: Privacy and Security Tutorial Institutional Compliance Office July 2013
Clud-based File Sharing: Privacy and Security Tutrial Institutinal Cmpliance Office July 2013 Patient Data in the Clud Prtecting patient privacy is ne f MD Andersn s greatest respnsibilities Technlgies
More informationDocument Management/Archiving Records general guidelines for the UBC Department of Medicine
Dcument Management/Archiving Recrds general guidelines fr the UBC Department f Medicine ADMINISTRATIVE/FINACIAL FILES: Email/Crrespndence - An extremely difficult recrd type t schedule, sme email is clearly
More informationCHANGE MANAGEMENT STANDARD
The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the
More informationRequest for Proposal Technology Services
Avca Schl District 37 Wilmette, IL Request fr Prpsal Technlgy Services Netwrk and Systems Infrastructure Management Services December 5, 2013 Avca Schl District 37 is seeking an IT cnsulting firm t manage
More informationHealth and Safety Training and Supervision
Intrductin: Health and Safety Training and Supervisin University f Nttingham is cmmitted t maintaining and develping standards f excellence in all aspects f its business. T that end, the University aspires
More informationSchools and Preschools Financial Management Policy
Plicy 10/3084 part 3 Schls and Preschls Financial Management Plicy Summary Publicatin Date May 2015 Review Date December 2016 Related Legislatin/Applicable Sectin f Legislatin Related Plicies, Prcedures,
More informationHIPAA Legislation - Key Provisions
HIPAA SECURITY, PRIVACY, AND THE NATIONAL PROVIDER IDENTIFIER Frederick Britten Frt Hays State University Carl Ann Raymnd The University f Gergia Outline HIPAA Review Enfrcement Update Natinal Prvider
More informationSPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010
OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity
More informationAdministration of Medication in School Policy & Procedures
Administratin f Medicatin in Schl Plicy & Prcedures Plicy Last Reviewed: July 2014 Agreed by Directrs: T be cnfirmed Plicy Next Review: July 2016 Inspired t strive fr persnal excellence Redcar Academy
More informationservice description Colocation of Equipment Infrastructure as a Service
easy t adpt, easy t use, easy t leave service descriptin Infrastructure as a Service versin 4.0 Cntents Overview... 3 Example use cases... 3 Pricing... 4 Trial service... 4 Infrmatin assurance... 4 Prduct
More informationCIS 4360: INTRODUCTION TO COMPUTER SECURITY
CIS 4360: INTRODUCTION TO COMPUTER SECURITY Flrida A&M University Cmputer and Infrmatin Sciences Cllege f Arts & Sciences Curse Prerequisite: Cmputer Science majr r permissin f the instructr Required Textbk:
More informationBIBH Duty Statements and Governance chart reviewed and approved April 2014. BIBH Executive Governance & Management Arrangements
BIBH Duty Statements and Gvernance chart reviewed and apprved April 2014 BIBH Executive Gvernance & Management Arrangements BIBH COMMITTEE CEO - Paul O Cnnell Executive Secretary - Brian Firth Executive
More information