Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Contents
13
Hardware Policy
15
Cybercrime Policy
18
Premises & Other Related Considerations
19
Q&A
20
ICT Policy
Session II
ICT Policy
There shall be
implemented
formal
independent
testing
process
before
changes
are
ii. All incidences must be logged and a report submitted to the IT helpdesk for record.
iii. All changes while adhering to the defined process shall be requested through the
request for change control form.
iv. All modification to the hardware, firmware, software and related systems shall be
performed in such a manner as to ensure continuity of the services supported by the
system.
v. Changes to the live (operating) environment that may disrupt services shall as far as
possible be done outside business hours and shall ensure minimum disruption to
dependent services.
ICT Policy
ICT Policy
Backup policy
8. Backup Policy
Purpose & Scope
The purpose of this policy is to define the process of data storage for protection and integrity
of NDMAs data. The policy covers all system users data stored in the workstations, laptops,
servers and other portable devices.
Key Areas Covered:
Background: Computer systems do fail; it is not a matter of why or how, but a matter of
when.
i.
Several external factors, of which NDMA is not in control, can cause occasional or
severe problems to the systems; computer crashing, natural disasters such as flood
or lightning to man-made disasters etc.
ii. Loss of information could cause severe downtime resulting in: lost production, delay
of NDMAs operations, wasted time in recreation effort, legal liabilities, deterioration
in customer relationships, reputation among others
Backup Process: This procedure applies to all equipment and data owned and operated by
NDMA.
i.
The backups of the main storage server shall be run nightly, after business hours, to
make sure that all files are closed and available for backup.
ii. Incremental backups shall be done on the primary storage server each night Monday
through Thursday and Full Backup done on Fridays.
iii. At the end of the month, full backups shall be done to a separate series of tapes and
labeled with End of month, year.
iv. At the end of the year, full backups shall be done to another separate series of tapes
and labeled with End of year. Backups are to be complete prior to beginning of
next business day.
ICT Policy
Backup policy
8. Backup Policy Cont.
ICT Policy
ICT Policy
ICT Policy
ICT Policy
11
ICT Policy
12
ICT Policy
13
ICT Policy
ICT Policy
15
ICT Policy
16
ICT Policy
17
ICT Policy
Combating Cybercrime
14. Cybercrime Policy
ICT Policy
Physical Security
15. Premises Related Considerations
Purpose & Scope
This policy governs the physical protection of computer premises, environmental conditions
and other external threats. The policy is alive to the fact that illegal physical access to
computers & networks can compromise the integrity of information and lead to loss of
computer equipment's as well
Key Areas Covered:
Securing Physical Protection of Computer Premises: Computer
safeguarded against unlawful and unauthorized physical intrusion
premises
shall
be
Ensuring Suitable Enviromental Conditions: When locating computers and other hardware,
suitable precautions shall be taken to guard against the environmental threats of fire, flood
and excessive ambient temperature and humidity
Physical Access Control to Secure Areas: All computer premises shall be protected from
unauthorized access using an appropriate balance between simple ID cards to more complex
technologies to identify, authenticate and monitor all access attempts
Electronic Eavesdropping: Electronic eavesdropping shall be guarded against by using
suitable detection mechanisms, which shall be deployed if and when justified by the periodic
risk assessments of the organization
Disaster Recovery Plan: Owners of the NDMAs information systems shall ensure that
disaster recovery plans for their systems are developed, tested, and implemented
Cabling Security: The security of network cabling shall be reviewed during any upgrades or
changes to hardware or premises
19
Q & A?
Thank You