IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

S 2.25 Documentation of the system configuration<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security management<br />

Implementation responsibility: Administrators<br />

Planning, control, monitoring and contingency planning for <strong>IT</strong> systems<br />

depend on up-to-date documentation of those systems. Only if documentation<br />

of the system configuration is up-to-date is orderly recovery of the <strong>IT</strong> system<br />

possible following an emergency.<br />

In the case of network operation, the physical network structure (cf. S 5.4<br />

Documentation on, and marking of, cabling) and the logical network<br />

configuration must be documented, as must the access rights of individual<br />

users (cf. S 2.31 Documentation on authorised users and rights profiles) and<br />

the data backup status. Again, the applications used and their configuration<br />

must be documented, also the file structures on all <strong>IT</strong> systems.<br />

Care should be taken to ensure that documentation is up-to-date and easy to<br />

understand so that a deputy could take over the administrative tasks at any<br />

time. <strong>The</strong> system documentation must be kept in such a way that it is available<br />

should an emergency occur at any time. If it is maintained in electronic form,<br />

it should either be printed out at regular intervals or else it should be stored on<br />

a transportable data medium. Access to the documentation should be confined<br />

to the responsible Administrators.<br />

<strong>The</strong> system documentation should cover all the actions to be taken on starting<br />

up or shutting down <strong>IT</strong> systems. This is especially important for networked <strong>IT</strong><br />

systems. Here, for example, it is often necessary to adhere to a particular<br />

sequence when mounting drives or starting up network services.<br />

Additional controls:<br />

- Is the existing documentation up-to-date?<br />

- Is it possible to continue administration on the basis of that documentation?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!