Information Security Management System
Information Security Management Systems.
ISMS Management Policy - Statement encompassing Information Security and Procedures of CESD electronic assets.
Procedure Title |
Description |
Target Audience |
Who should backup data , where they should store it and how. |
All users |
|
Technical details about how the date and time are managed across the Division’s networked devices. |
Technology Services |
|
How to protect our digital assets and protect our staff and students by avoiding data loss. |
All users |
|
Tough but necessary questions to ask vendors when entering into agreements involving CESD Information. |
Department Heads |
|
Data has an owner, a custodian and a user. This outlines the roles and responsibilities. |
All users |
|
How information is classified. I.e. Public, Confidential, Private |
All users |
|
How access to Information is determined for users. |
All users |
|
The safe disposal of old hard drives from computers and copiers. Including external media and devices. |
All users |
|
The safe and responsible use of Mobile computing devices. |
All users |
|
Procedures to ensure computing systems are protected by using the latest security patches and upgrades. |
Technology Services |
|
Best Practices and controls for password creation |
All users |
|
Ensuring Communication and voicemail is being used effectively, securely and safely. |
All users |
|
What can be stored on removable media and how to prevent spread of infections. |
All users |
|
How to deal with security breaches and who needs to be involved. |
All users |
|
Technical requirements to configure Logons |
Technology Services |
|
New and parting user access and monitoring access |
All users |
|
Details about sending confidential and private information to external parties. |
All users |
|
Which Server systems MUST have Anti-virus and anti-spyware software. |
Technology Services |
|
Security requirements for configuring and controlling CESD servers. |
Technology Servers |
|
Ensuring Technical compliance and testing of Network systems across networks. |
Technology Services |
|
Expectations of Third parties accessing or holding CESD information. |
Department Heads |
|
Expectations around unattended and unlocked commuting devices |
Technology Services |
|
Requirements for visitors accessing CESD data and information |
All users |