Introduction
PURPOSE
This book provides guidance to users of 10ARK DIGITAL computer systems and networks. Implementation of the policies herein will ensure adequate security for all information collected, processed, transmitted, stored, or disseminated as part of 10ARK DIGITAL services, systems and applications.
The purpose of this book is to safeguard information belonging to 10ARK DIGITAL and its stakeholders (third parties, clients or customers and the general public), within a secure environment.
This book informs 10ARK DIGITAL employees, contractors, and other individuals entitled to use 10ARK DIGITAL facilities, of the principles governing the holding, use and disposal of information.
This book addresses the following areas of concern:
General security policy and standards
Security organisation
Personnel security and training
Physical security
Computer systems access control
Security in system life cycle management
Computer integrity and incident reporting
Malicious software
Business continuity management
Compliance
This book has the following objectives:
Information will be protected against unauthorised access or misuse
Confidentiality of information will be secured
Integrity of information will be maintained
Availability of information / information systems is maintained for service delivery
Business continuity planning processes will be maintained
Regulatory, contractual and legal requirements will be complied with
Physical, logical, environmental and communications security will be maintained
Infringement of this Policy may result in disciplinary action or criminal prosecution
When information is no longer of use, it is disposed of in a suitable manner. All information security incidents will be reported to the Director of ICT Systems, and investigated through the appropriate management channel
The policies, standards and guidelines listed in this book use the Information Security Policy templates listed at https://www.sans.org/security-resources/policies as a baseline.
Last updated
Was this helpful?