IT Baseline Protection Manual - The Information Warfare Site

Non-Networked Systems and Clients IT-Security Management
_________________________________________________________________________________________
Force Majeure
- T 1.1 Loss of personnel
- T 1.2 Failure of the IT system
- T 1.4 Fire
- T 1.5 Water
- T 1.8 Dust, soiling
Organisational shortcomings
- T 2.1 Lack of, or insufficient, rules
- T 2.7 Unauthorised use of rights
- T 2.9 Poor adjustment to changes in the use of IT
- T 2.21 Inadequate organisation of the exchange of users
- T 2.21 Lack of evaluation of auditing data
Human Failure
- T 3.2 Negligent destruction of equipment or data
- T 3.3 Non-compliance with IT security measures
- T 3.6 Hazards posed by cleaning staff or outside staff
- T 3.8 Improper use of the IT system
- T 3.16 Incorrect administration of site and data access rights
- T 3.17 Incorrect change of PC users
Technical Failure
- T 4.1 Disruption of power supply
- T 4.7 Defective data media
Deliberate Acts
- T 5.1 Manipulation or destruction of IT equipment or accessories
- T 5.2 Manipulation of data or software
- T 5.4 Theft
- T 5.9 Unauthorised use of IT systems
- T 5.18 Systematic trying-out of passwords
- T 5.21 Trojan horses
- T 5.23 Computer viruses
- T 5.43 Macro viruses
Recommended Countermeasures (S)
For the implementation of IT baseline protection, selection of the required packages of safeguards
("modules"), as described in Sections 2.3 and 2.4, is recommended.
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000