IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
and which have to be involved. A sensible proposal for distributing
responsibilities is summarised in the following table::
Compiling the
requirement
catalogue
Selection of a
suitable product
Testing
Approval
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000
responsible to be involved
Specialist Department,
IT Area
Procurer
Specialist Department
and IT Area
Management of
Agency/Company, -
maybe delegated to
Head of Specialist
Department
Procurer, Budget Manager, IT
Security Officer, Data Privacy
Officer, Staff or Works Council
IT Area, Specialist Department
IT Security Officer, Data
Privacy Officer, Staff or Works
Council
Procurement Procurer Budget Department
Ensuring integrity
of the software
Installation and
configuration
Version checking
and licence
management
IT Area
IT Area
IT Area
Deinstallation IT Area
Checking IT
operation
IT Security officer
The allocation of these responsibilities should be set down in writing and it
should be checked on a regular basis that the relevant procedures are correctly
adhered to.
Additional controls:
- Which provisions are in force?
- Are all employees aware of existing regulations and the monitoring of
these regulations?
- Are all relevant bodies (e.g. staff council, budget department, Data Privacy
Officer) involved to the appropriate extent?
-
-
-
-
-
-