Cryptographic Controls Standard

Cryptographic Controls Standard

The objective of the Cryptographic Controls Standard is to outline the minimum information security controls which must be applied when cryptographic services and solutions are utilized by the Company. Specifically, this Standard focuses on key management requirements, acceptable algorithms, appropriate key lengths, and raises pertinent regulatory considerations relating to the use of cryptography.

Cryptographic controls can be used for a number of different security objectives, in particular for the following:

a. Confidentiality: using encryption of information to protect against unauthorized access to information, either stored or transmitted;

b. Integrity/Authenticity: using message authentication codes or digital signatures to protect the authenticity and integrity of stored or transmitted information;

c. Non-repudiation: using cryptographic techniques to assist with determining proof of the occurrence or non-occurrence of an event, or

d. Authentication, e.g. certificate based authentication

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. USE OF CRYPTOGRAPHIC CONTROLS
3.1 APPROVED COMPONENTS SETTINGS AND PROCEDURES
3.2 ASSURANCE OF CONFIDENTIALITY
3.3 ASSURANCE OF INTEGRITY/ AUTHENTICITY
3.4 ASSURANCE OF NON-REPUDIATION
3.5 ASSURANCE OF AUTHENTICATION
4. KEY MANAGEMENT
4.1 MANAGEMENT OF KEYS
4.2 ASYMMETRIC CRYPTOGRAPHY
5. CRYPTOGRAPHIC CONTROL REGULATIONS
6. COMPLIANCE
7. EXCEPTIONS
8. FINAL CONSIDERATIONS
8.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
8.2 DOCUMENT REVISION

Pages: 16

Review Cryptographic Controls Standard.

Your email address will not be published. Required fields are marked *

Related Products:

€1,719.99

Purchase

This bundle contains all the products listed in the Data Governance section. Take advantage of the 25% OFF when buying the bundle!

€49.99

Purchase

The Desktop Usage Policy is intended to maintain the security of Company information processing on desktop computers equipment against the risks associated with the exposure or loss of sensitive, unique or personal information.

€79.99

Purchase

This Information Security Policy identifies the guiding principles that all Company employees must adhere to in order to ensure the confidentiality, integrity, and availability of Company’s information assets.

Get  Your Free Sample

Please use the form below to subscribe to our list and receive a free procedure template!
GET YOUR FREE TEMPLATE
>
close-link