25 January 2020

ITPROSEC Information Security Policy and Standards

This document defines the general information security policy for the protection of the integrity, confidentiality and availability of the IT Profession Security’s (ITPROSEC) networks, computer systems and information. This document is one in a series that defines information security policy that are applicable to people, processes and technology at the ITPROSEC. This documented is aligned

ITPROSEC Information Security Policy and Standards Read More »

ITPROSEC General Security Requirements

This document defines the general security requirements for the protection of the integrity, confidentiality and availability of the IT Professional Security’s (ITPROSEC) networks, computer systems and information. This document is one in a series that defines security requirements that are applicable to people, processes and technology at the ITPROSEC. This documented is aligned with four

ITPROSEC General Security Requirements Read More »

ITProSec Data Classification and Control Process

The objective of the ITPROSEC Data Classification and Control Process is to protect the information assets of the ITPROSEC by ensuring the confidentiality, integrity and availability of the assets. Information has many forms including conversations, speeches, printed documents, handwritten notes, information stored on computer systems in electronic form, video and audio tapes, etc. Information assets

ITProSec Data Classification and Control Process Read More »

Information Security Incident Response Policy and Procedures

Overview: This document offers a recommended, cyclic approach to managing both cybersecurity and information security related events in a systematic manner. The phased incident response approach outlined in this document aligns with the approach recommended by the US National Institute of Standards and Technology (NIST).

Information Security Incident Response Policy and Procedures Read More »

Security Awareness Deployment Plan

Overview : The purpose of this document is to outline a proposed approach to deploying the security awareness and training program at the ITPROSEC.  This document will outline the proposed approach, timing and materials the ITPROSEC’s Information Security team would like to deploy over the course of the upcoming fiscal year (FY2017/2018).  The intended audience

Security Awareness Deployment Plan Read More »