Using Reflex Disknet Pro to Aid Compliance with BS 7799 & ISO/IEC ...
Using Reflex Disknet Pro to Aid Compliance with BS 7799 & ISO/IEC ...
Using Reflex Disknet Pro to Aid Compliance with BS 7799 & ISO/IEC ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Contents<br />
INTRODUCTION 4<br />
EXECUTIVE OVERVIEW 4<br />
MEETING AND RETAINING THE STANDARD 5<br />
1. ASSET CLASSIFICATION AND CONTROL [5] 6<br />
1.1. INVENTORY OF ASSETS – PHYSICAL ASSETS [5.1.1 (C)] 6<br />
2. PHYSICAL AND ENVIRONMENTAL SECURITY [7] 7<br />
2.1. SECURITY OF EQUIPMENT OFF-PREMISES [7.2.5 (A) & (C)] 7<br />
2.2. SECURE DISPOSAL OR RE-USE OF EQUIPMENT [7.2.6] 8<br />
3. COMMUNICATIONS AND OPERATIONS MANAGEMENT [8] 8<br />
3.1. OPERATIONAL CHANGE CONTROL [8.1.2] 8<br />
3.2. INCIDENT MANAGEMENT PROCEDURES [8.1.3 (A) (B) (C)] 9<br />
3.3. PROTECTION AGAINST MALICIOUS SOFTWARE [8.3] 10<br />
3.4. CONTROLS AGAINST MALICIOUS SOFTWARE [8.3.1 (A) (B) (E) (F)] 11<br />
3.5. MEDIA HANDLING AND SECURITY [8.6] 12<br />
3.6. MANAGEMENT OF REMOVABLE MEDIA [8.6.1 (A) (B)] 12<br />
3.7. DISPOSAL OF MEDIA [8.6.2 (A)] 13<br />
3.8. EXCHANGES OF INFORMATION AND SOFTWARE [8.7] 13<br />
3.9. SECURITY OF MEDIA IN TRANSIT [8.7.2 (C)] 13<br />
4. ACCESS CONTROL [9] 13<br />
4.1. EVENT LOGGING [9.7.1 (A) (B) (C) (E)] 13<br />
4.2. MOBILE COMPUTING AND TELEWORKING [9.8] 13<br />
5. SYSTEMS DEVELOPMENT AND MAINTENANCE [10] 14<br />
5.1. POLICY ON THE USE OF CRYPTOGRAPHIC CONTROLS [10.3.1] 14<br />
5.2. SECURITY OF SYSTEM FILES [10.4] 14<br />
5.3. CONTROL OF OPERATIONAL SOFTWARE [10.4.1 (A) (C)] 14<br />
5.4. CHANGE CONTROL PROCEDURES [10.5.1] 15<br />
5.5. COVERT CHANNELS AND TROJAN CODE [10.5.4 (E)] 15<br />
6. COMPLIANCE [12] 15<br />
© <strong>Reflex</strong> Magnetics Ltd 2