Versions Compared

Old Version 8

changes.mady.by.user Ryan Heathcote

Saved on

compared with

New Version 9

changes.mady.by.user Ryan Heathcote

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Effective Date: 2023-05-01

Contents

Table of Contents
minLevel1
maxLevel7

...

Policy

Purpose

Access Control Policy

To limit access to information and information processing systems, networks, and facilities to authorized parties in accordance with business objectives.

Asset Management Policy

To identify organizational assets and define appropriate protection responsibilities.

Business Continuity & Disaster Recovery Plan/wiki/spaces/CCD/pages/2516680707

To prepare CloudCard in the event of extended service outages caused by factors beyond our control (e.g., natural disasters, man-made events), and to restore services to the widest extent possible in a minimum time frame.

Cryptography Policy

To ensure proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of information.

Data Management Policy

To ensure that information is classified and protected in accordance with its importance to the organization.

Human Resource Security Policy

To ensure that employees and contractors meet security requirements, understand their responsibilities, and are suitable for their roles.

Incident Response Plan

Policy and procedures for suspected or confirmed information security incidents.

Information Security Roles and Responsibilities

Establishes the roles and responsibilities that ensure effective communication of information security policies and standards.

Operations Security Policy

To ensure the correct and secure operation of information processing systems and facilities.

Physical Security Policy

To prevent unauthorized physical access or damage to the organization’s information and information processing facilities.

Risk Management Policy

To define the process for assessing and managing CloudCard’s information security risks in order to achieve the company’s business and information security objectives.

Secure Development Policy

To ensure that information security is designed and implemented within the development lifecycle for applications and information systems.

Third-Party Management Policy

To ensure protection of the organization's data and assets that are shared with, accessible to, or managed by suppliers, including external parties or third-party organizations such as service providers, vendors, and customers, and to maintain an agreed level of information security and service delivery in line with supplier agreements.

...