IT Baseline Protection Manual - The Information Warfare Site

Other IT Components Telecommuting
_________________________________________________________________________________________
Force Majeure
- T 1.1 Loss of personnel
Organisational shortcomings:
- T 2.1 Lack of, or insufficient, rules
- T 2.2 Insufficient knowledge of requirements documents
- T 2.4 Insufficient monitoring of IT security measures
- T 2.5 Lack of, or inadequate, maintenance
- T 2.7 Unauthorised use of rights (on the workstations at home and at the institution)
- T 2.8 Uncontrolled use of resources
- T 2.22 Lack of evaluation of auditing data
- T 2.24 Loss of confidentiality of sensitive data of the network to be protected
- T 2.49 Lack of, or inadequate, training of teleworkers
- T 2.50 Delays caused by a temporarily restricted availability of teleworkers
- T 2.51 Poor integration of teleworkers into the information flow
- T 2.52 Longer response times in the event of an IT system breakdown
- T 2.53 Inadequate regulations concerning substitution of teleworkers
Human Failure:
- T 3.1 Loss of data confidentiality/integrity as a result of IT user error
- T 3.3 Non-compliance with IT security measures
- T 3.9 Improper IT system administration
- T 3.13 Transfer of incorrect or undesired data records
- T 3.16 Incorrect administration of site and data access rights
- T 3.30 Unauthorised private use of telecommuting workstations
Technical Failure:
- T 4.13 Loss of stored data
Deliberate Acts:
- T 5.1 Manipulation/destruction of IT equipment or accessories
- T 5.2 Manipulation of data or software
- T 5.7 Interception of lines
- T 5.8 Manipulation of lines
- T 5.9 Unauthorised use of IT systems
- T 5.10 Abuse of remote maintenance ports
- T 5.18 Systematic trying-out of passwords (on the workstations at home and at the institution)
- T 5.19 Abuse of user rights
- T 5.20 Misuse of administrator rights
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000