The Cryptographic Control Policy intends to draw the general principles acceptable to the Company for the usage of cryptography.
This policy applies to all employees and partners and to all electronic transactions wherein one or more of the abovementioned parties are involved. The Company will select appropriate cryptographic controls based on a risk assessment.
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. REQUIREMENTS
3.1 SYMMETRIC ENCRYPTION ALGORITHMS
3.2 ASYMMETRIC ENCRYPTION ALGORITHMS
3.3 HASH FUNCTIONS
3.4 SUPPORTED APPLICATIONS
3.5 KEY MANAGEMENT
3.6 CRYPTOGRAPHIC CONTROL USAGE
4. ROLES AND RESPONSIBILITIES
5. EXCEPTIONS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
Pages: 8
This bundle contains all the products listed in the Data Governance section. Take advantage of the 25% OFF when buying the bundle!
The Datacenter Policy defines guidelines and controls that will ensure smooth operations and adequate access control mechanisms.
The objective of the Cryptographic Controls Standard is to outline the minimum information security controls which must be applied when cryptographic services and solutions are utilized by the Company. Specifically, this Standard focuses on key management requirements, acceptable algorithms, appropriate key lengths, and raises pertinent regulatory considerations relating to the use of cryptography.
Review Cryptographic Control Policy.
You must be logged in to post a review.