information security management

Financial institutions need to be prepared to resume operations as quickly and efficiently as possible after a disaster or other adverse incident. In an Internet environment, these threats may include the loss of Internet access by the institution or loss of access to the institution via the Internet by its customers.

The contingency plan should cover the following areas:

- Define the roles and responsibilities for each team member in the event of a problem situation.

- Identify the risks posed by each system deployed.

- Detail strategies and procedures for recovery.

Viruses, worms, and other malicious software can destroy critical or confidential data, compromise security, and generate a large volume of network traffic. A small number of infected computers can have a catastrophic effect on NC State's networked systems and on the campus's ability to perform core business and instructional functions. Therefore, in order to protect the campus computing infrastructure, the University is implementing a requirement for the use of anti-virus software.

Anti-Virus Software Requirement and Responsibilities
A. All University owned computers connecting to the campus network (including computers connecting via the NC State wireless network (Nomad), NC State VPN, or NC State modem pool) that are running one of the listed operating systems for which the University has site-licensed an anti-virus software package are required to install and enable the University site-licensed anti-virus software. If a user desires to run an alternate anti-virus product, it must be on the approved list () or they must request approval with justification according to the provided instructions at . It is also highly encouraged that the same requirements be followed for personal machines. Note that ResNet already has an anti-virus requirement that covers residence hall occupants; see ResNet Terms of Use.

Download Free ISO 27001 Information Security Management Questionnaire Certification as per ISO 27001

The purpose of this ISO 27001 Information Security Management Questionnaire Certification is to collate information within the scope of the project meeting in order to prepare a quotation and assist the certification body in contract review. It forms part of the audit documentation. The statements will be verified during audit stage

ISMS responsibility for the ISMS
- has been fully and separately regulated on all levels (e.g. independent ISMS representative)
- to some extent includes supervisory, cross-site functions (e.g. at operating level)
- is administered at all levels by the persons responsible for the other MS

Download Free The ITIL V3 Qualification Scheme FAQ (Frequently Asked Questions)

What is a "qualification scheme"?

A qualification scheme is a roadmap for achieving a Professional Certification. It typically consists of a set of intermediate Credentials which build and depend upon each other which in total demonstrate that the skills and knowledge embedded in the Certification have been achieved. The ITIL V3 qualification scheme is very different from the V2 in that it defines different subject matter ladders to climb, has more levels to the scheme, provides guidance on how to achieve each type and level of Certification, delineates the prerequisites for each level and lays out the roles and responsibilities of the different organizations participating in the scheme.

Why is there a new ITIL qualification scheme?

Although much of ITIL content is the same between version 2 and version 3, its scope, its orientation and the structure of its advice have evolved significantly. The new scheme takes these changes into account and therefore has become a modular points-based system

Download Free Wireless Network Communication Security Policy

1 Overview