Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Management
Mahesh Patwardhan
maheshpatwardhan@rediffmail.com
Information
Office
Office of Technology
Compliance Systems Partner
and Control Relations
Partner
Change Policy Ops and Contract
Information Access Build and Relationship
Managemen Managemen Maintenanc Managemen
Security Control Deploy Managemen
t t e t
t
Compliance and Control: Information Security
Conduct Reviews
Security, Access Control, AUP, B&R, DR Policy
Record all Policy Reviews (MOM)
Policies to be updated and approved
Updates to policies to be logged
Compliance and Control: Information Security
Communication:
Information Security Policy and Access Control Policy updates to all
employees periodically.
HR Training calendar for Security and Appropriate Usage sessions.
Conduct Security Awareness and Appropriate Sessions for new
joinees.
Monitoring
Review of System Exception Logs, Unauthorized Logins,
Authorized Users lists
All Reviews to be logged and the review reports with findings
signed off on.
Action taken report to be reviewed and signed off-on.
Compliance and Control: Information Security
Define
Data Backup/Restoration Process
Recovery Testing Process
Data securing process (tape-to-bank)
Review
Data Backup/Restoration Process
Recovery Testing Process
Data securing process (tape-to-bank)
Backup/Restoration/Recovery Testing Log Sheet
Monthly Tape-To-Bank Log Sheet
All reviews to be recorded (MOM)
Access Control
Creation/Deletion of User IDs /privilege grants process
Request from HR
for domain/email ID Hardcopy of
Authorized Confirmation
Request sent for granting
Filed by Mgr – IS &
App and Server
requested
Request for temporary Access Auth Matrix Privileges/access
unprivileged access Updated
To server raised by
user
Application
Email / Domain
Authorization
Users List
Matrix
Office of Compliance and Control:
Change Management
Periodic Review of
Change Management Process.
Change Requests submitted.
Change Request Approvals
Pending deployments
Chief
Information Security Information Director
Officer Office Information Systems
Information Partner
Access Change Policy Build and Ops & Contract
Security Relationship
Control Control Management Deploy Maintenance Management
Management