5.1 Explain the importance of policies, plans and procedures related to organizational security. Flashcards
Business Continuity Plan (BCP)
ensures that the business can continue to function should a Natural or man-made disaster happen.
Business Partners Agreement (BPA)
Written agreement between two or more entities who join as partners to form and carry on a for-profit business.
(if we are not too busy we will help fulfill their order)
Service Level Agreement (SLA)
An agreement that specifies performance requirements for a vendor and outlines MINIMUM levels of support, including in the event of failure or disaster.
Interconnection Service Agreement (ISA)
Documents the technical and security requirements for establishing, operating, and maintaining the interconnection.
Memorandum of Understanding/Agreement (MOU/MOA )
Defines the terms and conditions for securely sharing data and information resources.
not legally binding
handshake on paper
Mandatory Vacations
forced to take a vacation. Also, the company is checking your computer while you’re gone.
Job Rotation
Defines intervals at which employees must rotate through positions. provides opportunity to cross train. Also provides an opportunity to discover fraud.
Separation of Duties
Prevents collusion and fraud. For instance one person cannot both write and sign a check.
Clean Desk
A clean desk policy increases the physical security of data by requiring employees to limit what is on their desk or ON THEIR MONITOR.
Background Checks
All potential employees should be thoroughly screened with an extensive background check before being hired and given access to the computer systems.
Exit Interviews
The last real opportunity for that communication occurs when an individual leaves the organization and they are given an exit interview.
Non–disclosure Agreement (NDA)
A legal contract intended to cover confidentiality. Keep your mouth shut!!
Onboarding
The process used to train a new employee and bring them up to speed with the organization, its clients, its products, and so forth is known as onboarding.
can also be used to in the context of getting a new piece of equipment.
Acceptable Use Policy/ Rules Of Behavior (AUP)
Describe how the employees in an organization can use company systems and resources, both software and hardware.
Which of the following agreements contains the technical information regarding the technical and security requirements of the interconnection between two or more organizations? A. BPA B. MOA C. ISA D. MOU
C. ISA