IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

S 2.14 Key management<br />

Initiation responsibility: Head of Organisational Section; <strong>IT</strong> Security<br />

Management<br />

Implementation responsibility: Head of <strong>Site</strong>/Bldg Technical Service<br />

For all keys to the building (of floors, hallways and rooms), a lock-up plan<br />

should be drawn up. <strong>The</strong> manufacture, storage, management and issue of keys<br />

must be organised on a centralised basis. Reserve keys are to be provided and<br />

have to be stored securely. <strong>The</strong> same goes for all identification means such as<br />

magnetic or smart cards. Attention must be paid to the following:<br />

- Where a lock-up facility is available, either specific lock-up groups must<br />

be established for sensitive areas, or individual rooms should be removed<br />

from the lock-up group and provided with a single lock-up.<br />

- Keys not issued to personnel and spare keys must be stored in a way<br />

affording protection against unauthorised access.<br />

- Issue of keys will be against receipt and must be documented.<br />

- Arrangements must be made with regard to the response required in case of<br />

loss of individual keys (reporting, replacement, reimbursement of costs,<br />

replacement of the lock, alteration of the lock-up group, etc.).<br />

- When changes are made to the authorities of staff members, the lock-up<br />

rights are to be checked; if and where required, the keys will have to be<br />

recovered.<br />

- In case of termination of employment, all keys must be retrieved from the<br />

persons concerned (inclusion of key management in the inter-office slip<br />

(checklist)).<br />

- Locks and keys to particularly sensitive areas (for which only a very<br />

restricted number of keys should be issued) may be exchanged as required<br />

in order to neutralise the function of counterfeited keys.<br />

Additional controls:<br />

- What rules have been laid down as regards key management?<br />

- Are these rules accepted by the staff members?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!