Walton Centre. Document Control. Document History Date Version Author Changes 01/10/2004 1.0 A Cobain



Similar documents
Standard Operating Procedure

Walton Centre. Document History Date Version Author Changes 01/10/ A Cobain L Wyatt. Monitoring & Audit

Information Management Policy

OVERTIME POLICY. Method: CD Rom Paper Intranet For Official Use:

Walton Centre. Document History Date Version Author Changes 01/10/ A Cobain L Wyatt 07/01/ L Wyatt Update to procedure

HSE DOCUMENT CONTROL PROCEDURE

Walton Centre. Asset Management. Information Security Management System: SS 03: Asset Management Page 1. Version: 1.

WORCESTERSHIRE MENTAL HEALTH PARTNERSHIP NHS TRUST STARTING SALARIES AND SALARY DISCRETION

Aged Care Document and Intranet Data Control Procedure

PROCEDURE FOR THE CONDEMNING & DISPOSAL OF EQUIPMENT

CAPITAL INVESTMENT POLICY

Data Protection Policy

(NOTE: ALL BS7799 REFERENCES IN THIS DOCUMENT ARE FROM BS7799-2:1999 and SHOULD BE AMENDED TO REFLECT BS7799-2:2002)

WORCESTERSHIRE MENTAL HEALTH PARTNERSHIP NHS TRUST THE CENTRAL ALERT SYSTEM PROCEDURE

WHS DOCUMENT CONTROL GUIDELINES

WHS DOCUMENT MANAGEMENT PROCEDURE

Wan Bao Construction Limited. Environmental Procedure

ISO 14001:2004 Environmental Management System Manual

Claims Management Policy. Director of Corporate Affairs and Communications. First Issued On: 31 March 2009 (version 1.000)

STANDARD OPERATING PROCEDURE FOR RESEARCH. Management of Essential Documents and Trial Folders

Walton Centre. Document History Date Version Author Changes 01/10/ A Cobain L Wyatt 31/03/ L Wyatt Update to procedure

INFORMATION GOVERNANCE POLICY

CCG: IG06: Records Management Policy and Strategy

HSE P0801 HSE Document Control and Records Management Procedure

Pledged Cash Account Agreement

FINANCE POLICY & PROCEDURE (FPP No.10)

IMS-ST-1.04 Document and Record Management. Prepared By: Jacqueline Raynes Print Date: 20/08/13 Version No: V01 Reviewed By: Jeff Innes

When the template is complete, the whole Work Package document can be printed and approved. Saving the Work Package document under its own name

Public Records (Scotland) Act NHS Health Scotland Assessment Report. The Keeper of the Records of Scotland. 5 th August 2015

Policy Group(s) Related Documents: POLICY STATEMENT. Preamble:

Corporate Credit Card Policy and Procedures

DOCUMENT AND RECORDS CONTROL PROCEDURE

Information Governance Strategy. Version No 2.0

TEMPLATE DATA MANAGEMENT PLAN

MANAGEMENT OF PERSONAL FILES POLICY

Departmental Policy Departmental Procedure Instructions/Forms. UCVM DIAGNOSTIC SERVICES UNIT Document Control Procedure

Non Exchange Trading Broker Agreement

Work Life Balance (WLB)

Informatics Policy. Information Governance. Network Account and Password Management Policy

Policies, Procedures & Guidelines

RECORDS MANAGEMENT POLICY

SOCIAL MEDIA POLICY. Senior Governance Officer, NHS North of England Commissioning Support Unit Reference No

Access Control and Account Management Policy Version May 2015

Complying with the Records Management Code: Evaluation Workbook and Methodology

ITIL and ISO/IEC How ITIL can be used to support the delivery of compliant practices for Information Security Management Systems

Data Governance Policy. Staff Only Students Only Staff and Students. Vice-Chancellor

Information Management Advice 50 Developing a Records Management policy

Risk Management Strategy

archiving documents in electronic format

SECURITY INCIDENT HANDLING POLICY

PROCEDURE FOR HANDLING RAPID ALERTS AND RECALLS ARISING FROM QUALITY DEFECTS

Table Of Contents. DOCUMENT CONTROL EHS-XX Page 1 of 7. Environment, Health & Safety

CORPORATE RECORDS MANAGEMENT POLICY

INFORMATION GOVERNANCE

COMMERCIALISM INTEGRITY STEWARDSHIP. Back-up Policy & Guidance

RISK MANAGEMENT POLICY AND STRATEGY. Document Status: Draft. Approved by. Appendix 1. Originator: A Struthers. Updated: A Struthers

WHS DOCUMENT MANAGEMENT PROCEDURE

ABC Farms. ISO Environmental Management System Manual. Prepared By: Approved By: Signature: Date:

ICCS Convention No. 28 Only the French original is authentic

RECORDS MANAGEMENT POLICY

Data Protection Policy June 2014

Terms of use of information and communication technologies at the University of Burgundy

How To Protect Your Personal Information At A College

ITEM NO: 4. Date: 23 March Pam Williams Borough Treasurer Wendy Poole Head of Risk Management Audit Services. Reporting Officers:

Usage Policy Document Profile Box

Proposed Changes to ASX Listing Rules and Guidance Note 9. Corporate Governance Disclosures

Library Intro AC800M

VICTORIAN GOVERNMENT DEPARTMENT ENVIRONMENTAL MANAGEMENT SYSTEM MODEL MANUAL

iso20000templates.com

Memorandum of Understanding

NHSnet SyOP 9.2 NHSnet Portable Security Policy V1. NHSnet : PORTABLE COMPUTER SECURITY POLICY. 9.2 Introduction

BOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February Title: Information Security Policy

Information Management Advice 57 Sample Social Media Acceptable Use Policy

DATA Protection Act - A Review of Version 7

Various Insurance Topics, Including Notifications; the State High Risk Pool; and Mandate Lite Benefit Plans; HB 2107

Editorial Manager: Frequently Asked Questions Editor Problems

Federal law on certification services in the area of the electronic signature

NABL NATIONAL ACCREDITATION

IT change management policy

QUALITY ASSURANCE OPERATIONAL FRAMEWORK. University of Liverpool. Liverpool, L69 7ZX. And. Laureate

Recruitment and Selection Procedure

Additional Hours & Overtime Policy

THE GENERAL UNDERWRITERS AGREEMENT

Company Policy. This document details Auckland Airport's policy on, and rules for dealing in the following securities ("Restricted Securities"):

Trust Informatics Policy. Information Governance. Information Governance Policy

The Constitution of The Informatics Research. Group At. Indiana University Kokomo

Rail Network Configuration Management

Protective Marking Standard Implementation Guide for the Australian Government

Standard operating procedure

Procedure for Document Control and Management

Records Management Policy

TRANSPORT CANADA MARINE SAFETY PLEASURE CRAFT OPERATOR COMPETENCY PROGRAM QUALITY MANAGEMENT SYSTEM FOR ACCREDITATION

Mendix ExpertDesk, Change and Incident Management. Customer Support

Diagnostic Testing Procedures for Ophthalmic Science

AGENDA ITEM: SUMMARY. Author/Responsible Officer: John Worts, ICT Team Leader

INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE

MANAGEMENT OF MEETING PAPERS AND MINUTES


Policy Document Control Page

Performance Management Policy. Version No 3.1

Transcription:

Page 1 Walton Centre Document Control Document History Date Version Author Changes 01/10/2004 1.0 A Cobain

Page 2 Table of Contents Section Contents 1 Introduction 2 Responsibilities Within This Document 3 Document Definition 4 Procedure Appendix A ISMS Change Notification

Page 3 1. Introduction Information and information systems are important corporate assets and it is essential to take all the necessary steps to ensure that they are at all times protected, available and accurate to support the operation and continued success of the Trust. The Trust acknowledges that we must demonstrate to third parties our expertise in security technology and implementing it. To achieve this it is recognised that we must protect our own assets as well as the environment. The aim of the Trust s Security Policy, Security Standards and Work Instruction Manual is to maintain the confidentiality, integrity and availability of information stored, processed and communicated by and within the Trust. These standards, procedures and policies are used as part of the information security management system (ISMS) within the Trust. This document sets out the procedures in place to ensure that all documents forming the ISMS are subject to a formal process of issue, amendment and withdrawal. The procedures are designed to ensure that: Documents are approved prior to issue by designated individuals; Documents are issued to only those authorised to receive them; Obsolete documents are withdrawn and a copy of the superseded document is retained within an archive library; Responsibilities for document control are assigned; Access to electronic media containing the ISMS is controlled. This procedure applies to all documents which comprise the overall Information Security Management System (ISMS).

Page 4 2. Responsibilities Within This Document Particular responsibilities within the standard are defined as:- Review and Maintenance Approval of this document Approval of changes to the ISMS Local adoption Information Security Officer Information Governance & Security Forum Information Governance & Security Forum for all changes with the exception of the Security Policy Trust Board for changes to the Security Policy All managers, staff and contracts within scope 3. Document Definition The ISMS documents will be distributed under two classifications, controlled and uncontrolled: CONTROLLED copies will be given a specific control number and will be updated whenever there are amendments to the ISMS. Holders of controlled copies will be listed on the Distribution List held by the Information Security Officer. Main BS7799 document library. Insert details Informatics Services Department Procedures/Working instructions Insert details UNCONTROLLED copies are not numbered and will not be covered by the attached procedures. Only the document set held by the Information Security Officer and the BS7799 electronic library will be classed as controlled. Distribution and maintenance of the ISMS is the responsibility of Information Security Officer

Page 5 4. Procedure 4.1 Authorisation All amendments to the ISMS must be approved by the Information Governance Security Forum and this will be evidenced in the minutes of that group. The only exception to this is the Information Security Management Policy which must be approved by the Trust Board. Such authorisation will normally be provided in advance of adoption, however it is acknowledged that in certain circumstances there may be a need to update or amend documentation as a matter of urgency. In such circumstances, the Director of Finance is empowered to authorise amendments those these will be presented to the next formal meeting of the Information Governance Security Forum for ratification. 4.2 Notification Every update (i.e. new insertion or amendment) to the manual will be accompanied by a covering document that: Identifies the person who has raised & approved it; Provides a full reference for the new document so that it can be placed in its proper position in the manual; Provides a description of the change(s) proposed; Identifies any documents that are withdrawn; Indicates the date that the new documents are to take effect. This notification will be signed by the Head of IT acting under minuted approval from the Information Governance Security Forum or by the Director of Finance in emergency circumstances. A template of this covering note is included at Appendix A

Page 6 4.2 Version Control All approved and issued updates to the ISMS will increase the version number of the particular document changed. A central copy of the superseded document will be retained by the Information Security Officer for a period of 12 months. All other copies of the superseded document are to be destroyed. 4.3 Dissemination All new recruits to the Walton Centre s Informatics Services Department will be directed to the ISMS on the intranet.

Page 7 APPENDIX A - ISMS AMENDMENT NOTIFICATION ISMS Change Notification To: [Click here and type name] From: [Click here and type name] CC: [Click here and type name] Date: February 15, 2007 The attached amendment(s) relate to your controlled copy of the Trust s Information Security management System. The documents and amendments relate to:- Document Ref Version Date Summary of Changes These amendments take effect form (insert date) Please ensure that all superseded copies are removed from your copy of the ISMS and are destroyed. Authorised by: Position: Date ACKNOWLEDGEMENT I have read and understood the above amendments. Signed: Date

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information