Computer Documentation Wiki

User Tools

Site Tools

Trace:
policies:security:develandmaint

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
policies:security:develandmaint [2018/01/10 12:21] – [31. System ownership] deulpolicies:security:develandmaint [2018/01/10 13:32] (current) – [39. Calamity procedures] deul
Line 6: Line 6:
 For Servers and Desktops the ownership/user is recorded in the CMDB.  For Servers and Desktops the ownership/user is recorded in the CMDB. 
  
-For non-scientific information systems, by definition the Scientific Director ([[policies:security:organization|see roles]]) is the owner. But he is allowed to delegate the responsibility to any of is subordinates.+For non-scientific information systems, by definition the Scientific Director ([[policies:security:organization|see roles]]) is the owner. But he is allowed to delegate the responsibility to any of his subordinates.
  
 ====32. New information systems procedure==== ====32. New information systems procedure====
-New scientific informations systems will all fall in the 'basic risk' category. For information systems that store personel information extra security measures will be taken to adhere to the GPDR requirements.+New scientific informations systems will all fall in the 'basic risk' category. For information systems that store personel information extra security measures will be taken to adhere to the GDPR requirements.
 ====33. Additional risk analysis==== ====33. Additional risk analysis====
 There are no scientific systems with elevated risks. So no additional risk analysis measures have to be taken. There are no scientific systems with elevated risks. So no additional risk analysis measures have to be taken.
  
-For information systems storing personel information additional analysis will take place to adhere to the GDPR requirements.+For information systems storing personel information additional analysis takes place to adhere to the GDPR requirements.
 ====34. Operational acceptance asset==== ====34. Operational acceptance asset====
 Information systems are implemented in close collaboration with the system owner, but no formal, written acceptance is in place. For systems 'owned' by system management, a team meeting is initiated to formally decide a 'GO' on becoming part of the operational system. Information systems are implemented in close collaboration with the system owner, but no formal, written acceptance is in place. For systems 'owned' by system management, a team meeting is initiated to formally decide a 'GO' on becoming part of the operational system.
Line 28: Line 28:
 The Security manager as defined by the [[policies:security:organization|roles]] is the responsible person for all incidents and works in collaboration with all team members to resolve the incident. The Security manager as defined by the [[policies:security:organization|roles]] is the responsible person for all incidents and works in collaboration with all team members to resolve the incident.
 ====39. Calamity procedures===== ====39. Calamity procedures=====
-There is no true calamity procedure and each case is handled ad hoc, with teh following requirements in mind:+There is no true calamity procedure,  and each case is handled ad hoc, with teh following requirements in mind:
   * Minimize downtime of critical services   * Minimize downtime of critical services
   * Communicate the calamity to all users/steakholders   * Communicate the calamity to all users/steakholders
   * Maximize the collaborative effort within the IT Department team   * Maximize the collaborative effort within the IT Department team
   * Strive to full resolution of the calamity   * Strive to full resolution of the calamity
policies/security/develandmaint.1515586862.txt.gz · Last modified: 2018/01/10 12:21 by deul

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki