Search

  • 17.3.25 Intrusion prevention

    The system administrators shall implement the following controls in order to prevent intrusion into servers and systems; Delete or turn off unneces...

  • 17.3.23 Protection against malicious software

    Users are responsible for ensuring that any IT asset they manage have: Latest software patches and updates applied Anti-virus or other applicable ...

  • 17.3.22 IT Asset Security

    All users are responsible for preventing the theft of IT assets. Users shall ensure following controls in order to prevent theft of, or unauthorized a...

  • 17.3.21 Information disposal

    Users must securely erase ‘internal’ or higher classified information promptly in non-recoverable manner when they are no longer required. Users m...

  • 17.3.18 Prevention of information leakage or manipulation in transit

    Users shall apply security controls when transmitting data of ‘confidential’ or higher classification to external parties. Such data must be en...

  • 17.3.17 E-mail

    Users are responsible for ensuring that information exchanged via e-mail is protected to a level commensurate with the classification of the informati...

  • 17.3.16 Copying

    Users and Document Management Administrators [link: 12.3.4.3.2] shall keep the number of copies of confidential information, in any combinations of me...

  • 17.3.15 Labeling

    Information assets must have their document classification clearly marked on the cover page, footer, header or watermark regardless of format. Includi...

  • 17.3.10 Protection of Information Assets

    In ensuring the basic protection of OIST information assets, users must handle Information Assets in a manner appropriate to the information classific...

  • 17.2.9 Compliance

    Any breach of information security, or misuse of IT Resources is regarded as serious. Breaches may result in disciplinary action, up to and including ...

Search found 410 items