The Remote Access Policy was developed by the Company in order to define a common minimum baseline level of security for the provision of access to Company’s systems from external locations (remote access connections used to do work on behalf of Company, including reading or sending email and viewing intranet web resources) not under the control of that Company.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
4. ROLES AND RESPONSIBILITIES
4.1 DEPARTMENT MANAGER
4.2 TECHNOLOGY SECURITY TEAM
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
The objective of the Configuration Management Procedure is to ensure the integrity and availability of Company information and to prevent damages from uncontrolled configuration changes to all IT and physical infrastructure services that support Company’s systems.
The Managing IS Risks in IT Services Provided by Third Parties Standard requires the use of risk management techniques to stipulate controls necessary for the management of the relationship with IT third parties and those controls required in formal agreements with the IT third parties.