Security Policy 01.doc - RACGP Computer and information...

This preview shows page 1 - 10 out of 53 pages.

RACGP Computer and information security standards workbook 0
Image of page 1

Subscribe to view the full document.

RACGP Computer and information security standards workbook 1
Image of page 2
RACGP Computer and information security standards workbook 2
Image of page 3

Subscribe to view the full document.

RACGP Computer and information security standards workbook 3
Image of page 4
Contents 2 RISK ASSESSMENT 9 2.1 S ECURITY COORDINATOR ( S ) 9 2.2 A RTICULATE THE OPERATING PARAMETERS 9 2.3 S TAFF AND TECHNICAL SUPPORT CONTACT DETAILS 10 2.4 A SSET REGISTER 11 2.5 I DENTIFY THREATS , VULNERABILITIES AND CONTROLS 24 2.6 I DENTIFY APPROPRIATE CONTROLS 34 2.7 S ECURITY MANAGEMENT AND REPORTING , INCLUDING MONITORING COMPLIANCE AND REVIEW PLANNING 34 2.8 E DUCATION AND COMMUNICATION 34 2.9 B REACH REPORTING 35 3 STAFF ROLES AND RESPONSIBILITIES 36 3.1 S ECURITY COORDINATOR 36 3.2 O THER STAFF ROLES AND RESPONSIBILITIES 36 3.3 S AMPLE CONFIDENTIALITY AGREEMENT 37 4 ACCESS CONTROL AND MANAGEMENT 38 5 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANS 39 6 BACKUP 46 7 MALWARE, VIRUSES AND EMAIL THREATS 48 8 NETWORK PERIMETER CONTROLS 49 9 PORTABLE DEVICES AND WIRELESS NETWORKS 50 10 PHYSICAL, SYSTEM AND SOFTWARE PROTECTION 51 10.1 P HYSICAL PROTECTION 51 10.2 S YSTEM MAINTENANCE 52 10.3 S OFTWARE MAINTENANCE 52 11 SECURE ELECTRONIC COMMUNICATION 53 RACGP Computer and information security standards workbook 4
Image of page 5

Subscribe to view the full document.

TABLES RACGP Computer and information security standards workbook 5
Image of page 6
Tables (cont) RACGP Computer and information security standards workbook 6
Image of page 7

Subscribe to view the full document.

How to use this document RACGP Computer and information security standards workbook 7
Image of page 8
1 Computer and information security checklist This checklist provides a record of the 12 basic computer and information security categories that should be undertaken. The checklist is a guide only and does not describe the complete list of security activities that should be undertaken. Details of these are provided in the RACGP Computer and information security standards. Computer and information security checklist Date of assessment: ___ / ___ / _____ Category Tasks Completed (Tick and add date) 1. Risk Assessment Conduct risk assessment activities and put procedures in place __/__/__ 2. Staff roles and responsibilities Practice computer security coordinator’s roles documented Select practice staff member(s) for security coordinator role Computer security training for coordinator(s) provided __/__/__ __/__/__ __/__/__ 3. Practice security policies and procedures Computer and information security policies documented Computer and information security procedures developed Staff trained in computer security policies and procedures Individual staff agreements for confidentiality and computer use signed __/__/__ __/__/__ __/__/__ __/__/__ 4. Access control and management Staff policy about levels of access to data and information systems developed Staff are assigned appropriate access level Staff have individual passwords which are changed on a regular basis Confidentiality agreements for third party providers in place __/__/__ __/__/__ __/__/__ __/__/__ 5. Business continuity and disaster recovery plans Business continuity plan completed Disaster recovery plan completed Plans tested Plans reviewed and updated __/__/__ __/__/__ __/__/__ __/__/__ 6. Staff internet
Image of page 9

Subscribe to view the full document.

Image of page 10

{[ snackBarMessage ]}

Get FREE access by uploading your study materials

Upload your study materials now and get free access to over 25 million documents.

Upload now for FREE access Or pay now for instant access
Christopher Reinemann
"Before using Course Hero my grade was at 78%. By the end of the semester my grade was at 90%. I could not have done it without all the class material I found."
— Christopher R., University of Rhode Island '15, Course Hero Intern

Ask a question for free

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern