Sector/Group:
Manager Responsible for the Self-Assessment Process:
Date Assessment is Performed:
Individuals Performing this Assessment:
What Networks Does this Assessment Cover?
How Many Nodes Are Covered?
Name:
Who Are the Administrators Responsible for this Network?
Please recap the overall results of this assessment:
EISS Self Assessment - Section 1 - Information Management Standards
EISS Specific Section Reference: 1.0 Information Management Standards
1.1.1 Ownership of Information
- Does all data on SDLC computers or networks exist for the purpose of conducting SDLC business? (Risk: Integrity)

1.1.2 Access to Information
- Is access to the information provided on a "need to know" basis? (Risk: Confidentiality)

1.1.3 Appropriate Usage
- Is there evidence of usage of any SDLC electronic device for private or personal purposes without direct management knowledge and tacit approval? (Risk: Integrity)

1.2.1 Custodians Role and Authority
- Do custodians of information provide physical and procedural safeguards, as needed per the classification of information in their custody, to ensure the integrity and confidentiality of information assets as identified by information asset owners? (Risk: Confidentiality, Integrity)
- For each information system, is an owner and delegate clearly defined and documented? (Risk: Availability)
- Does the custodian have a list of system owners (SIC 8.1.2)? (Risk: Integrity)
- Does the custodian inform information asset owners of their responsibilities associated with the ownership and security of their data? (Risk: Integrity)
- Do custodians understand that they must not reclassify information without the permission of the owner? (Risk: Integrity)

1.2.2 Owners Role and Authority
- Are all information assets accounted for? (Risk: Integrity)
- Do all information assets have a defined owner? (Risk: Confidentiality, Integrity)
- Have owners performed a risk analysis to determine, identify, and document the security classification associated with the information assets they own, in accordance with POPI classifications? (Risk: Confidentiality, Availability, Integrity)
- Is this classification reviewed at a minimum annually? (Risk: Confidentiality)
- Do owners ensure that the appropriate business controls are applied and that the conditions surrounding the custody or use of their information are in accordance with the requirements of SIC Section 8 and the SDLC EISS? (Risk: Confidentiality, Integrity, Availability)
- Do owners assign the role of custodian for their data? (Risk: Integrity, Availability)
For each item the worksheet records: Risk; Responsible Functional Area (User, Owner, Admin, Custodian); Compliant (Y/N); Other; Action Plan if Needed; Target Date.
Page: 2 of 34
iCST Internal Use Only
Filename: 2163706.xls - Section 1
- Do owners fully understand any custodian conditions surrounding the custody or use of their information?
- Do owners ensure the conditions are in accordance with the requirements of SIC Section 8 and the SDLC EISS?
- Do owners grant access privileges to those needing access to their data on a need-to-know basis?
- Do owners review access privileges to their data at a minimum annually?
- Is this review process documented?
- Is renewal information retained for a minimum period of one year?

1.3 Information Classification
- Do information owners define information classification?

1.3.5 Assigning Classifications
- Has the organization that "owns" the information (usually the creator) determined its sensitivity and criticality classification?
- Has the information been classified according to Corporate SOP E-60?
- Has proprietary information, and information that is highly sensitive to outages, been identified in disaster recovery plans as described in Section 8 of SDLC's EISS?
- Have the information classifications been reviewed at a minimum annually by the business unit that owns the information, to ensure that the classification is still correct?

Classification of Data Output
- Is output (including reports, data, and software) which contains the same information content as the input used to create it assigned the same sensitivity classification as the input?
- Is output that is formed by the merger of multiple inputs classified in accordance with the highest level of sensitivity classification represented by the inputs?
- Is output that is substantially different from the input information used to create it classified independently from the input?

Access
- Do system or application "owners" authorize access to their data or applications in accordance with SIC 8.3.5?
- Is access authorization reviewed on a yearly basis in accordance with SIC 8.3.5?
1.3.7 Non-SDLC Proprietary Classification
- Does the SDLC representative ask a non-SDLC information owner to define the meaning of any non-SDLC information classification label? (Risk: Confidentiality)
- Is the non-SDLC proprietary classification, along with the SDLC equivalent classification, marked on information which is not owned by SDLC, and is it considered proprietary based on the original owner's classification scheme? (Risk: Confidentiality)
- Is such information, while in the possession of SDLC, treated with the same care as defined by the closest corresponding SDLC POPI classification? (Risk: Confidentiality)

1.4 Information Privacy Standards (Responsible Functional Area: Mgmt)
- Are regional and local in-country Management, with guidance and advice from local Corporate Legal departments, responsible for ensuring compliance with in-country and regional legislation? (Risk: Confidentiality)
- Do regional and local in-country Management ensure that SDLC Ethics principles are enforced and that the individual's personal and business privacy is not willfully violated? (Risk: Confidentiality)
- Are management, and especially Human Resources, diligent when handling employee personal and private data? (Risk: Confidentiality)
- Does the information system handling personal and private data comply with applicable data protection laws, and with national and international legal requirements, including registration with Data Protection Authorities? (Risk: Confidentiality)
- Does information system handling of personal and private data comply with applicable protection laws, which may also cover manual records? (Risk: Confidentiality)
- Is accidental disclosure of personal data, for example in the course of problem resolution, kept to an absolute minimum? (Risk: Confidentiality)
- Is a person assigned at each SDLC unit to take responsibility for ensuring compliance with these privacy standards?
EISS Self Assessment - Section 2 - General System Integrity and Security Access Controls
EISS Specific Section Reference: 2.0 General System Integrity and Security Access Controls

2.1 Security Access Controls
- Are security controls installed, available and maintained on every computer or node to prevent unauthorized users from gaining entry to the system and to prevent unauthorized access to data contained on, or accessible through, the system? (SIC 8.1.1) (Risk: Intrusion, Compromise, Fraud, Theft, Evasion)
- Does security hardware/software provide a means to authenticate a user's claimed identity (e.g., passwords, encrypted tokens, or biometric characteristics)? (Risk: Intrusion, Compromise)
- Do security controls protect user authentication data (e.g., passwords, encrypted tokens, biometric data) so that they cannot be accessed by any unauthorized user? (Risk: Intrusion, Compromise)
- Are all SDLC information assets protected by an approved hardware/software security product?
- Is it true that only approved hardware and software products that contain or enforce security are intended for use on any SDLC system or network, to ensure they meet all of the requirements of the SDLC EISS? (Risk: Intrusion, Compromise, Fraud)
- Are programs or routines which are capable of bypassing or modifying the security system, operating system integrity features, or any application security controls or data verified to ensure that the process is only doing what it is authorized to do? (Risk: Fraud, Theft, Compromise, Data Integrity)
- Is software which is capable of running in system protected areas, under privileged IDs, or that is capable of granting special privileges tested, approved and documented, executed by a limited number of trained, authorized personnel, and its usage logged and limited to authorized and documented security changes? (Risk: Compromise, Fraud, Integrity, Availability)
- Is administrative password protection implemented for all system and security utilities? (Risk: Compromise, Integrity, Availability)
- Are default administrative account passwords for all security software changed during product installation? (Risk: Compromise, Integrity, Availability)

2.2.1 Computer Accounts Identification
- Is the login ID assigned unique within its own system domain and all other domains in which it will be used? (Risk: Integrity, Confidentiality)
2.2.2 User Accounts
- Do all SDLCns that require access to SDLC systems have an individual login ID to access any SDLC system? (Risk: Compromise, Availability, Integrity)
- Are UserIDs associated with a single individual and not shared with others? (Risk: Integrity)
- Is there a documented and controlled process to permit account access to someone other than the owner when business situations require it? (Risk: Availability)
- Is documented management approval available for each computer account? (Such approval may be on-line or via E-mail, but must be explicit.)

Identification
- Is a documented process in place to identify all accounts associated with a given user? (Risk: Integrity, Confidentiality)
- Does every computer account have a defined owner? (Risk: Integrity, Confidentiality)

2.2.3 Special Function Accounts (Risk: Integrity, Compromise, Fraud)
- Do you allow direct login to special function accounts?
- If you do allow direct login, do you have controls in place that document the use of that account and who logs into it?
- When a user accesses a special function account, do they authenticate themselves via a valid Computer User Account first?
- Is there a documented process in place to annually review the on-going need for those accounts?

2.2.4 Guest Accounts (Risk: Confidentiality)
- Is the guest account restricted to General Business Information only?
- If the guest can access above General Business Information, are controls in place so that they cannot gain access to SDLC Confidential Proprietary data or above without additional authentication?
- Is the guest account explicitly prohibited from access to all applications and system utilities not required for execution of its function?

2.2.5 Non-SDLC Accounts (Responsible Functional Area: Non-SDLCn Sponsor)
- Do all non-SDLCn accounts meet all of the requirements of SDLC accounts, as well as the additional approvals described in WWCFP A-6? (Risk: Compromise, Confidentiality, Theft)

2.2.6 Account Administration (Responsible Functional Area: HR/Managers)
- Is it ensured that computer accounts are reviewed and suspended, including: a) immediately upon termination or separation; b) after periods of inactivity? (Risk: Compromise)
- Does the process include deleting accounts that have been suspended for 6 months or longer?

2.2.7 Password Security and Account Verification
- Are there controls in place that force account passwords to be a minimum of 6 characters, not readily guessable or commonly recognizable, changed at least every 90 days, and not reused within a one-year period? (Risk: Compromise)
- Do all privileged/system or security administration accounts meet all of the requirements above, with the additional requirement of having their passwords changed every 30 days? (Risk: Compromise)
- Are users limited to a maximum of three consecutive invalid login attempts, and are accounts suspended after seven invalid login attempts?

2.2.8 Password Confidentiality
- Are passwords protected from disclosure, including: not stored in plain text on computer hard drives; not displayed in plain view; not easily viewable or accessible by another person? (Risk: Compromise)

2.2.9 Password Administration
- Is there a documented process for performing password administration that includes distribution, suspension, change requests, password maintenance for special jobs and non-production processes, etc.? (Risk: Compromise)

2.2.10 Other System Access Validations
- Have measures been taken to prevent unauthorized use of terminals and personal computers when unattended (e.g., encryption, key locks, physical removal, or physical security of the location)? (Risk: Compromise)
- Is screen blanking activated after 10 minutes of inactivity?
- Are procedures in place for reviewing unsuccessful logon attempts?
- Is the highest POPI classification of data easily identifiable to users when they log in to systems?

2.3 Data and Resource Controls
- Is the operating and/or security system capable of limiting access to defined user authority and enforcing access control to data within the system (SIC 8.2.a)? (Risk: Compromise, Integrity, Confidentiality)
- Are proper controls defined before the data/resource is created and used, as required by the owners? For example: datafiles, programs, shared data areas, services, databases, applications, PDAs, printers, etc. (Risk: Compromise, Integrity, Confidentiality)
- Does a change control process govern the testing and change control process?

2.4 Systems and Security Administration
- Does every computer have an identified system administrator?
- Are the following roles carried out by a specifically identified and authorized system or security administrator: advise data owners of their security responsibilities; review and follow up on audit logs; have a documented process for performing them?
- Does the security administrator perform privileged or security functions from an account which is separate from his/her personal account, and does that account have a unique password? (Responsible Functional Area: Mgmt)

2.5.1 Audit Data
- Is there a documented process for identifying, capturing, reviewing and reporting on all significant security events? (Risk: Compromise, Confidentiality, Theft, Integrity)

2.5.2 Audit Log Classification, Retention and Review
- Are audit log retention periods documented, is the audit data protected against destruction or change, and is it reviewed at a frequency that allows the detection of unauthorized entry before a significant loss has occurred? (Risk: Integrity, Compromise)

2.6 Security Vulnerabilities (Responsible Functional Area: Mgmt)
- Is all security software up to date?
- Have all security patches/fixes been tested and applied? (Risk: Compromise, Confidentiality, Theft)
EISS Self Assessment - Section 3 - Network Security Standards
EISS Specific Section Reference: 3.1 Routers, Bridges and Gateways

3.1 Routers, Bridges and Gateways
- Are routers, bridges and gateways always placed in a locked environment?
- Are ACLs documented, reviewed and approved prior to implementation and change?
- Are ACLs reviewed at a minimum annually to ensure that the need for the specific ACLs still exists and that undocumented changes have not occurred? (Risk: Intrusion, Compromise, Integrity)

Network System Tier Management
- Is a system of assigning addresses used, and is it consistent with SDLC standards? (Risk: Availability)
- Do Sector/Group Network Information Centers (SNICs) work in cooperation with the SDLC Network Information Center (MNIC) to administer and maintain unique addressing for all communication protocols? (Risk: Availability)
- Has a network inventory of hosts and connections been created and maintained to aid identification of security requirements? (Risk: Connectivity, Integrity, Availability, Intrusion)
- Does a firewall exist between the internal network and any non-SDLC entity?

Dial-In (Risk: Intrusion, Compromise, Fraud, Financial Loss, Confidentiality, Integrity)
- Is dial-in access to the SDLC network from a computer prohibited unless the connection is through an approved external connection interface that is fully compliant with SDLC's requirements? (Risk: Intrusion)
- Does dial-in access to SDLC require an approved two-factor user authentication mechanism?
- Does dial-in access to SDLC by non-SDLCns require a completed risk assessment? (Risk: Compromise, Confidentiality, Intrusion)
- Are modems not set to auto-answer UNLESS the modem is secured by an approved authentication mechanism, or is isolated from all other systems and networks and dedicated to unrestricted business use, or is set solely to receive facsimile transmissions? (Risk: Intrusion, Compromise, Integrity, Confidentiality)

Dial Out
- Are dial-out services configured to meet the requirements of 3.6 Firewalls?

Password Encryption
- Are passwords encrypted during network transmission?
- Are passwords stored encrypted and only decrypted during the actual password validation process?
- Is one-way encryption used for all stored passwords?

Data Encryption
- Is encryption in compliance with local legislation? (Risk: Confidentiality, Intrusion, Compromise, Availability, Financial Loss)
- Is SDLC Internal Use Only and higher encrypted end-to-end when transmitted? (Risk: Confidentiality, Integrity, Financial Loss)
- Are external connections between SDLC facilities encrypted?
- Are encryption mechanisms approved by the sector or group security function?
- Is SDLC Confidential Proprietary data encrypted when sent outside a SDLC facility? (Risk: Confidentiality, Integrity, Financial Loss)
- Are message compression techniques prohibited as a means of security?

Key Management
- Is an approved encryption mechanism used for the distribution of keys?
- Are public/private keys created, assigned, and distributed using a documented procedure that can be audited? (Risk: Confidentiality, Integrity, Compromise, Intrusion, Availability)
- Is any symmetric cryptographic key used by one communicating pair not knowingly used between any other communicating pair? (Risk: Intrusion, Integrity, Confidentiality)
- Are the major encryption keys for link encryptors changed from the default values at the time of equipment installation? (Risk: Intrusion, Compromise, Availability, Confidentiality)
- Are link encryption keys configured to change as often as possible, not to exceed 7 days? (Risk: Intrusion, Compromise, Integrity, Confidentiality)
- Are audit trails available to verify the distribution of encryption keys?
- Do encryption key changes require the documented approval of at least two supervisory individuals? (Risk: Intrusion, Compromise, Integrity, Confidentiality)
- Is access to physical encryption keys for hardware limited to authorized personnel?

3.4.1 Conditions for Penetration Testing
- Is sanctioned penetration testing performed only where permitted by law, and only for the following reasons: to verify that existing security controls are functioning; to confirm the existence of a system or control vulnerability?
- Are tests approved by the System Manager and executed under the supervision of the System Administrator unless (1) part of an audit, (2) necessary for the investigation of an incident, or (3) the response of the LAN/System Administrator is being tested?
- Is a request for a sanctioned penetration test to be performed on a system other than the System Manager's referred to a Testing Authority, who shall review the request and either sanction testing or reject the request?
- Is it true that only the above-referenced System Manager or Testing Authority may sanction testing, and that all other test approvals are prohibited?
- Do outside contractors used for sanctioned penetration tests complete a WW CFP A-6 risk assessment and sign a non-disclosure statement, subject to approval by the Corporate Director of Information Security or a Corporate Senior Audit Manager?
- Are bonded security professionals used?
- Is the use of ex-offenders strongly discouraged?
- Are results of penetration tests treated as SDLC Confidential Proprietary information? (Refer to Policy SOP E-60 for information on storage, processing and handling requirements.)
- Are penetration testing tools restricted to those with a legitimate need for access?
- Are these tools made available only for the duration of testing?
- Is care taken so that tests do not adversely affect the operation of the system under test, including the System Administrator's ability to detect attacks, or the integrity, confidentiality or availability of data?
- Penetration attempts may trigger intrusion detection mechanisms; therefore, prior to the initiation of testing, does the tester or Testing Authority notify the System Manager, System Administrator and data owners, as appropriate?
- Are the notifications and responses documented?
- Has the sector/group information security manager been notified as to the conditions and intent of tests?
- If any specific controls are identified as inadequate or needing corrective action.
- If a procedure is faulty, does the custodian of that procedure make revisions?
- Is information about a deficiency restricted to those directly responsible for determining and implementing the corrective action? (Risk: Confidentiality, Intrusion, Compromise)
- For the purposes of eliminating redundant audits, determining vulnerability trends, and correlating self-audits with formal audits, are business unit test results available to Corporate Testing Authorities?

3.5.1 Reverse Proxy Security Architecture
- Does a change management process exist such that changes are documented in the Operations History Document?
- Do inbound connections used to retrieve SDLC data use port 443 only?
- Are security measures enforced at each layer of the architecture? (Risk: Intrusion, Compromise, Fraud, Theft, Financial Loss, Confidentiality)
- Are network connections initiated by end users using an https/ssl capable browser?
- Is a configuration management process/change control implemented for web content building on the web server, such that no development, testing or web content building takes place on the production system? (Risk: Compromise, Fraud, Availability)
- Are development, testing, and web content building segregated and performed on non-production systems?
- Does the web server limit its functions to validating user/application data and to making requests of the application server? (Risk: Compromise, Integrity)
- Is the web server configured not to act as a proxy?

3.5.3 Application Security Requirements
- Does the application implement controls which limit the amount of data delivered or actions taken to only those actions which are approved? (Risk: Confidentiality, Integrity)
- Does the application log all accesses/service transactions it performs? (Risk: Intrusion, Compromise)
- Does the application guarantee that access to and actions on the specific data are explicitly approved for each user making a request? (Risk: Intrusion, Compromise)

3.6 Network Interconnection Architecture (Responsible Functional Area: Sector or Group Security and ISC)

3.6.1
- Is the security standard for external-to-internal connections designed around a proxy architecture approved by the Information Security Council and Group/Sector Information Security? (Risk: Intrusion, Compromise, Fraud, Theft, Financial Loss, Integrity, Availability, Confidentiality)
- Does every component have the ability to log at the protocol layer it is filtering? (Risk: Intrusion)
- Is the architecture based on a minimum of two separate hosts? (Risk: Intrusion, Compromise)
- Do SMTP and NNTP have UUCP between proxies? (SMTP/NNTP <-> UUCP <-> SMTP/NNTP) (Risk: Intrusion, Compromise)
- Is dual porting used for proxies? (Risk: Intrusion, Compromise)
3.6.2 Network Security Requirements for External Connections
- Are network security and administration controls fully documented in the Operation History Document (OHD)? (Risk: Compromise, Availability)
- Is a packet filter used to limit, control and protect all hosts/servers in the architecture?
- Are access controls put on the packet filter to enforce and complement the host and application controls? (Risk: Intrusion, Compromise)
- Is an application proxy used to validate the application protocol for any service which passes into or out of the SDLC network?
- Is local backup used?
- Is Filter #2 used to maintain state information, to prevent exploitation of dynamic reply ports? (Risk: Intrusion, Compromise)
- Is Filter #2 used to maintain session logs? (Risk: Compromise)
- Do all devices have two-factor authentication for administration? (Risk: Intrusion, Compromise)
- Are network controls in place to reject invalid, spoofed or replayed packets? (Risk: Intrusion, Compromise)
- Are the services available restricted only to necessary, securable services?
- Is an approved network vulnerability testing tool used to verify the controls in place for firewall hosts?
- Do configuration changes generate an alarm?

3.6.3 Host Security Requirements (Responsible Functional Area: Group Network Security)
- Does each host have controls that determine which of its services may be used? (Risk: Intrusion, Compromise, Confidentiality)
- Is appropriate authentication implemented? (Risk: Intrusion, Compromise, Confidentiality)
- Does each host log all network connections to it? (Risk: Intrusion, Compromise, Confidentiality)
- Do the logs contain the source address, a time and date stamp, and pertinent information about the service request or network activity?
- Is it true that no application proxy (e.g., http web proxy) is permitted to run on the host?
- Are approved intrusion detection tools active? (Risk: Intrusion, Compromise)
- Are approved integrity tools active on hosts? The minimum checks are boot files, the kernel, the password file, network configuration files, system services binaries, and host configuration files.
- Is an approved system configuration checking tool run monthly? (Risk: Intrusion, Compromise)
- Are all unneeded files and services, including applications and compilers, removed?
- Are appropriate authentication and encryption in place to protect the host's data, services, and sensitive and critical information?
- Do all interactive privileged network logins use two-factor authentication, and are they not allowed via network segments susceptible to session hijacking or spoofing?
- Is it true that no user accounts exist on the hosts and network devices?
- Is a configuration management process/change control process implemented for configuration and executable files? There must not be any development or testing on the production system.
- Are logs pulled off within seven days (e.g., using FTP)?
- Does the host use an automated method to synchronize its clock with an authoritative SDLC time server?
- Are self-assessments or independent audits performed every six months?
EISS Self Assessment - Section 4 - Computer Systems Security Standards
EISS Specific Section Reference: 4.1 Information Security for Computers
Columns in the source worksheet: Objective or Procedures | Risk | Responsible Functional Area (User, Owner, Admin, Custodian, Other) | Compliant (Y/N) | Action Plan if Needed | Target Date

4.1.1 Access Control
- Does each computer have approved security software installed which requires a password OR a secure authentication mechanism which meets SDLC standards? (Risk: Intrusion, Compromise, Confidentiality)
- Where secure authentication mechanisms are used, do they require a minimum of two-factor authentication to meet the standards of the SDLC EISS Section 2?
- Does the access control system require a unique login ID and password for each user of the system in accordance with SDLC EISS Section 2? (Risk: Intrusion, Confidentiality, Compromise)
- Does the computer have a timed lockout/screen blanking mechanism which automatically engages after no more than ten minutes of inactivity or when manually invoked, and when activated, does it prompt for a password which preserves the integrity of work i... [cut off in the source] (Risk: Intrusion, Integrity, Compromise, Confidentiality)
- Is the number of system logon entry failures limited to three? Is a time delay or system lockout inserted after the third invalid attempt? (Risk: Intrusion)
- Are protection mechanisms in place to prevent direct access to data on the fixed disk or from removable media when booting? (Risk: Intrusion, Integrity, Compromise, Confidentiality)
- Is dial-in only allowed through a SDLC approved access system? (Risk: Availability, Integrity, Intrusion, Compromise)
- Are users their own administrator without compensating controls in place? (Risk: Confidentiality, Availability, Fraud)
- Is there an independent quarterly review to ensure security software is up to date when users are their own administrators? (Risk: Integrity, Compromise)

4.1.2 Shared Computer Systems
- Does the access control method provide for registration and tracking of each user's logon activities, and provide an audit trail for preventative/detective measures in case a computer is compromised? (Risk: Compromise, Integrity, Intrusion)
- Is the data and/or business applications protected by access controls to segregate access to them? (Risk: Confidentiality, Integrity, Compromise)
- Is the computer access control system configured to allow access by an authorized administrator? (Risk: Compromise)
- Is SDLC Confidential Proprietary information on shared systems protected by additional access controls other than those used to gain access to the basic computer system?
- Is the administrator account password changed every 30 days?

4.1.3 Information Security
- Is a custodian assigned for each computer system who is responsible for the security administration?
- Has the custodian determined the highest level of information, established controls and advised users of the security requirements of that system?
- Is all SDLC Registered Secret Proprietary data encrypted?
- Is removable storage media that contains MCP data secured and locked away when not in use?
- At the end of the work day, is external storage media secured?
- At the end of the work day, is all removable media clearly labeled and secured in a locked cabinet?
- When disposing of MCP or higher data, is the information overwritten, or the media reformatted or physically destroyed?
Risks listed for this subsection: Compromise, Integrity, Intrusion, Confidentiality, Theft. Responsible area noted in the source for several items: SDLC Manager.

4.1.4 Hardware Maintenance
- Is the SDLC data overwritten or the media reformatted when systems are sent out for service, or is there a non-disclosure in place to cover this?
- Have non-SDLC maintenance personnel signed a non-disclosure and complied with A6?
- If a non-disclosure is not in place, are non-SDLC personnel escorted and closely monitored when in the SDLC facility, or do they have a non-escort badge accountable to a specific manager?
- Is magnetic media used for troubleshooting diagnostics made available for SDLC review?
- Are remote diagnostic links to non-SDLC equipment controlled in accordance with EISS section 3?
- Are malfunctioning parts or circuit boards replaced with factory fresh or factory repaired components? If non-volatile components are involved, have they been erased, reformatted or overwritten, or removed and destroyed?
- When external drives are sent out for service, has data been removed?
- If maintenance is performed, is all removable media removed?
- Have all compromised passwords been changed and the system scanned for viruses? [the condition introducing this question is missing in the source]
- If critical data needs to be recovered, has it been sent to a SDLC approved data recovery service under a non-disclosure agreement?
- If the drive contains SDLC Registered Secret Proprietary information, has a SDLC [word missing in the source] with authorized access accompanied it at all times when serviced?
- If the drive is inoperable and the data unrecoverable, has the media been physically destroyed?
Risks listed for this subsection: Confidentiality, Intrusion, Compromise, Theft. Responsible area noted in the source: SDLC Manager; "whoever sends the drive out" for the data-recovery items.

4.1.5 Hardware Reassignment and Disposition [number inferred from the sequence; garbled in the source]
- When hardware is reassigned or disposed of, is data overwritten or the media reformatted to ensure that no confidential data is compromised and no data remaining on the computer system opens the potential recipient to issues of inappropriat... [cut off in the source] (Risk: Compromise, Confidentiality, Legal)
- When hardware is reassigned or disposed of, are circuit boards with non-volatile read/write data memory erased or removed? (Risk: Compromise, Confidentiality)
- Are carbon ribbons and thermal cartridges removed from fax machines, printers, and other devices before equipment is reassigned per SOP E-1... [SOP number garbled in the source]? (Risk: Confidentiality)
- When faxes or printers are reassigned, are all paper products removed? (Risk: Confidentiality)
- When hardware is reassigned or disposed of, moved to storage or returned to lessor, is all SDLC data overwritten or is the media reformatted to ensure it is unrecoverable? (Risk: Compromise, Confidentiality)
- Is all SDLC-licensed software removed from a rented or leased computer system prior to its return to the supplier? (Risk: Theft, Legal)
- When a computer system is transferred between individuals, ... [remainder cut off in the source]

4.2 Virus Control
- Do all computers (except mainframe, Unix machines not using emulators, or PDA systems) which are used for SDLC business have virus detection software installed with active mode enabled? (Risk: Integrity, Availability)
- Is the latest version of virus definitions applied to all systems with anti-virus software? (Risk: Availability, Integrity)
- Is all software scanned before it is loaded onto any SDLC computer, and is a full scan performed after it has been loaded? (Risk: Availability, Integrity)
- Are full scans run after new virus definitions are updated? (Risk: Availability, Integrity)
- For any systems that have virus detection software running with active mode disabled, are full scans performed daily? (Risk: Availability, Integrity)
- Is software from public or private sources, including but not limited to the internet, computer bulletin boards, etc., scanned before use? (Risk: Integrity)
- If a suspected virus is discovered that cannot be repaired with the anti-virus software, does the computer system user understand the procedures to follow? (Risk: Availability, Integrity)

4.3.1 Software Usage
- Is all software that is approved and purchased used in accordance with the terms of the software licensing agreement for the product? (Risk: Legal, Theft)
- Are procedures in place to handle the detection of unlicensed software? (Risk: Legal, Theft)
- Are procedures in place to ensure that software is not reproduced unless licensing allows? (Risk: Legal, Theft)
- Does a documented process exist for performing regular annual software audits? (Risk: Legal, Theft)
- When master or site licensing agreements are not in place, does proof of licensing exist? (Risk: Legal, Theft)

4.3.2 Concurrent Licensing
- If concurrent licensing is deployed, is metering in place to restrict the number of concurrent users to licenses authorized?
- If concurrent licensing is implemented, is there a process in place to ensure licenses match the number of licenses allowed?
- Are license agreements on file that clearly state the maximum number of concurrent licenses allowed?
- When concurrent licensing is deployed and Suite Support is required (Microsoft Office, Lotus Suite, etc.), can you monitor and properly account for software products within the Suite accurately?
Risks listed for this subsection: Legal, Theft.

4.3.3 Individual or Named User Licensing
- When individual licensing is deployed, has each user running the program purchased their own license to run the software? (Risk: Legal, Theft)

4.3.4 Node-Based Licensing
- ... a shared server within SDLC [start of the question missing in the source]: is there an active metering program (e.g. FlexLM) to limit license usage to the nodes specified in the agreement? (Risk: Legal, Theft)
- Are the nodes that can access these licenses within specified physical boundaries? (Risk: Legal, Theft)
- Is the method of implementation carefully reviewed to ensure that when the software is not executed, no parts of the software remain loaded in memory at the workstation, such as a dependent TSR, VxD, or Wrapper? (Risk: Legal, Theft)

4.3.5 Server-Based Licensing [number inferred from the sequence; garbled in the source]
- In server environments where licensing is based on a designated number of connections, ... [remainder cut off in the source] (Risk: Theft)

4.3.6 Evaluation or Demonstration Software
- Is all evaluation or demonstration software removed from any SDLC storage media upon the conclusion of any authorized evaluation period unless purchased or legally licensed for Company use? (Risk: Legal, Theft)
- Is documentation retained to identify the evaluation period and the terms of the evaluation?
- Where evaluation software is used for production work, is it specifically authorized in the agreement?

4.3.7 Shareware/Freeware Software [number inferred from the sequence; garbled in the source]
- Were isolated tests performed before loading this software on any production computer? (Risk: Integrity)
- In situations which require the use of Freeware/Shareware software in SDLC products, is adequate support available and have license agreements been carefully reviewed to ensure that they allow for re-packaging or commercial sales? (Risk: Legal, Theft, Integrity)
- Is there no shareware/freeware software used in mission critical environments? (Risk: Liability, Integrity, Availability, Legality, Theft)
- Where shareware/freeware software is used, ... [remainder cut off in the source]
- Where freeware/shareware software has been deployed, ... [remainder cut off in the source] (Risk: Theft)

4.3.8 Licensing Compliance for Second System Use
- Has the installation of any SDLC owned software on multiple systems, such as home systems, desktops and laptops, etc., been approved by management and is it documented and tracked? (Risk: Legal, Theft)
- Is a process in place to ensure that SDLC software that is installed on any associate owned computers is installed in accordance with license agreements and deleted upon separation from SDLC or when job responsibilities no longer support the use o... [cut off in the source] (Risk: Legal, Theft)
- When software license agreements are renewed, is there a process in place to reevaluate home usage so that it adheres to the updated agreements? (Risk: Legal, Theft)
Responsible areas noted in the source: Management; Installer.

4.3.9 Software Export
- Is the deployment of all applications legal within any country where it is being installed? (Risk: Legal, Liability)
- Is there a process in place that ensures the procurement and/or export of software complies with the governing laws of all countries where it is being exported? (Risk: Legal, Liability)
- Does deployment comply with all usage and licensing agreements? (Risk: Legal, Theft)
- Does appropriate documentation accompany all software that is moved between countries? (Risk: Legal, Liability)
Responsible area noted in the source: Management.

4.4.1 Mobile Computing
- Is any data classified MCP or higher on a laptop computer stored in encrypted format? (Risk: Compromise, Confidentiality)
- Are laptop computers, modular drives, and removable disks kept physically locked up when not in the possession of a SDLC employee? (Risk: Theft, Compromise, Confidentiality)

4.4.2 Telecommuting
- Are procedures in place for security administration? (Risk: Availability)
- When a machine is off-site, are backup resources provided that comply with the backup requirements in Section 7 of this document? (Risk: Availability, Integrity)

4.4.3 Occasional Work at Home
- Are records of SDLC owned software installed on employee owned computer systems retained in the office? (Risk: Liability)
- Are procedures in place for security administration? (Risk: Availability)
- When a machine is off-site, are backup resources provided that comply with the backup requirements in Section 7 of this document? (Risk: Availability, Integrity)

4.5 Personal Digital Assistant
- Are PDAs carefully protected against theft or accidental loss? (Risk: Theft, Confidentiality, Availability)
- Are PDAs either password protected, data encrypted or protected by id/password protection authentication? (Risk: Compromise, Confidentiality)
- Is the PDA regularly backed up? (Risk: Integrity, Availability)
- When remote access capability is built into a PDA, is approved two-factor authentication used? (Risk: Compromise, Confidentiality, Intrusion)
- Are proper controls over the licensing of PDA applications in place and is proof of licensing available for audit for any software purchased for the PDA as applicable? (Risk: Legal, Liability)
- Are controls in place to ensure the integrity of synchronized data transferred from a PDA? (Risk: Integrity)
EISS Self Assessment - Section 5 - Specific Network Technology Security Standards
EISS Specific Section Reference: 5.0 Specific Network Technology Standards

5.1.1 E-Mail Users
- Does all E-mail correspondence have a valid business purpose?
- Is every E-mail user uniquely identified by their own separate E-mail account?
- Do shared e-mail accounts fully comply with the standards for shared system accounts as identified in section 2 of this EISS document?
- Is it true that SDLC E-Mail accounts are not forwarded to a non-SDLC E-mail account?

5.1.2 E-Mail Servers/Gateways
- Do all production e-mail servers and gateways on the SDLC computer network comply with the same guidelines set forth in the SDLC Enterprise Messaging Standards and Guidelines for general server security?
- Are all E-mail gateways secured in a protected area and under their direct supervision?
- Does each production e-mail server and gateway have a primary and secondary e-mail administrator identified who is responsible for the account administration, maintenance, and backup of the system?

5.1.3 E-Mail Administrators
- Is a process in place so that E-mail administrators ensure that accounts are properly maintained?
- Are procedures documented and in place for handling activation, de-activation, and removal of E-mail accounts?
- Is a process in place to ensure that E-mail accounts for individuals no longer requiring access, or no longer with SDLC, are disabled immediately and permanently removed within three months? This includes all local E-mail accounts, as well as refere... [cut off in the source]
- c) E-mail administrators may only access information contained in e-mail accounts of supported users with the explicit consent of SDLC management. A documented process must be in place for handling situations whic... [cut off in the source]
- Does explicit management consent exist before E-mail system administrators are allowed to access E-mail messages not their own? Is the process documented and approved by management?
- Is a process in place whereby E-mail administrators ensure that all users of the systems they are responsible for are familiar with SDLC's E-Mail Appropriate Use Guidelines?

5.1.5 E-Mail Enabled Applications
- If the E-mail system is used for information that requires non-repudiation, are adequate controls in place to support this?

5.1.6 POPI Classification of E-Mail Messages
- Are all E-mail messages classified Internal Use and above properly classified as part of the message body in accordance with SOP E-60, as required by SOP E-60 (POPI)?
- Is information classified as Internal Use and above encrypted if sent from a system attached to a SDLC network to anyone outside of the SDLC network?
- Is it true that SDLC Registered Secret Proprietary information is not transmitted internally or externally unless it is encrypted?

5.2 Fax and Telex Standards
- Are faxes pertaining to SDLC business the only ones allowed into SDLC?
- Are recipients of faxes classified as SDLC Confidential Proprietary or higher present at the fax machine during transmission?
- If a fax device also supports dial-in data reception, is data reception protected as required in section 3?
- Is the fax feature of any machine supporting both fax and data signals disabled when data transmission is active?
- Are facsimile and telex devices used within SDLC for material classified SDLC Registered Secret encrypted for transmission?
- f) Facsimile and telex devices used within SDLC for material classified SDLC Registered Secret must be located in physically secured locations.
- Are fax machines in non-secure areas turned off during non-business hours to prevent the possibility of receipt of SDLC Confidential Information or higher?
- Do fax cover sheets specify that the fax is intended for exclusive use of the addressee and may contain information which is confidential, proprietary, or privileged? Does it also state that if the fax communication is received in error, the recipie... [cut off in the source]
- ... within SDLC containing information which is classified higher than SDLC General Business Information specify the classification of the information? [start of the question missing in the source]
Risks listed for 5.1 and 5.2: Compromise, Confidentiality, Integrity. Responsible area noted in the source for several items: Mgmt.

5.3 Bulletin Board Standards

5.3.1 Individual Identity
- Are login ids and passwords required before an individual can access the articles on any SDLC newsgroup?
- Are all persons posting to a SDLC bulletin board required to identify themselves by name?

5.3.2 Bulletin Board Data Classification
- Is general information, public domain software or documents posted on an electronic bulletin board system prohibited unless approved by the originating author?
- Is it true that any information classified higher than SDLC General Business Information is not posted on any bulletin board system unless the SOP E-60 (POPI) protection requirements are met?
- Is it true that information classified as SDLC Internal Use Only is only posted to SDLC newsgroups, not public domain bulletin boards?
- Is it true that news provided strictly for SDLC customers, suppliers, contractors, or business partners is only posted on SDLC-limited newsgroups?

5.3.3 Publishing Standards [number inferred from the sequence; garbled in the source]
- Is it true that no racially/ethnically sensitive or otherwise obviously offensive information is posted or allowed to be posted to SDLC News groups or BBSs?
- Are controls in place to ensure that no person posts any information or programs that will cause a compromise to the security or integrity of a SDLC system?
- Is it true that bulletin boards are not used for the posting of sensitive personal data which intrudes on a person's privacy, for example discussion of a health problem which is making an employee absent from work?
- Is it true that information pertaining to questionable security practices or breaches is not posted to any BBS?
- Is a process in place to inform management when prohibited information is detected on an electronic bulletin board service?

5.3.4 Bulletin Board Administration
- Is a system administrator assigned for each bulletin board service?
- Is it true that the maximum classification of information allowed by the newsgroup is defined by the newsgroup or BBS system administrator whenever a newsgroup is created?
Risks listed for 5.3: Compromise, Confidentiality, Integrity.

5.4.1 EDI Data Security Software
- Does data security software protect EDI transactions, programs, and files from unauthorized access by trading partners and SDLC employees?
- Does the data security software report authorized use of EDI transactions as well as all unauthorized attempts and produce an audit trail? The audit trail for unauthorized attempts must be reviewed weekly by the individual responsible for the EDI tra... [cut off in the source]
- Is trading partnership data assigned a security classification based on Protection of Proprietary Information (POPI) requirements regarding sensitivity of data and access authorization?
- Is trading partner data segregated in a manner such that a trading partner only has access to data required for its business application?
- ... transaction processing (operating system, VAN, and application software) must minimally meet the SDLC password requirements established in the General System and Access Control Integrity Standards (Chapter 2). [start of the item missing in the source]

5.4.2 Trading Partner Accounts
- Is it true that trading partner accounts cannot be activated until a trading partner agreement has been signed and approved?
- Is it true that trading partner agreements are signed by either the Sector/Group Controller or General Manager (SIC 8.1...)? [SIC reference garbled in the source]
- Is a process in place to ensure that the individual who signed for the account reviews trading partner accounts and data access authorizations on an annual basis?
- Are trading partner accounts terminated within twenty-four hours of cancellation notice by the EDI client business unit?

5.4.3 EDI Security Controls
- Do trading partners establish security controls to verify the authenticity of data received?
- Are security controls in place for EDI data routed through public data networks, the Internet, enterprise networks, value added networks and value added network interconnections?
- Do any dial up security controls for EDI systems minimally meet the SDLC requirements defined in the SDLC EISS Section 3?

5.4.4 EDI Auditing
- Do application error recovery procedures exist for EDI messages in the event of processing errors?
- Is an audit log of all EDI transactions retained as per Corporate SOPs A-4 and A-10?
- Does a business resumption/disaster recovery plan exist for EDI transaction processing?
Risks listed for 5.4: Compromise, Confidentiality, Integrity, Financial Loss. Responsible area noted in the source for several items: trading partners.
EISS Self Assessment - Section 6 - Physical and Environmental Security Standards
EISS Specific Section Reference: 6.0 Physical and Environmental Security Standards

6.1.1 Computer Centers
- Are computer centers located in a secure environment with access restricted to authorized personnel only? (Risk: Availability)
- Are all entrances physically secured (SIC 8.2) with card access controls or equivalent security in place? (Risk: Confidentiality)
- Are unauthorized personnel (e.g. visitors, maintenance support personnel) escorted at all times? (Risk: Confidentiality)
- Are detailed logs kept of all persons entering a secured environment, and reviewed at a minimum annually to ensure that access to personnel is still required? (Risk: Confidentiality)
- Is VCR monitoring equipment installed to monitor particularly sensitive locations? (Risk: Confidentiality)

6.1.2 File Servers and Telecommunications Equipment
- Is telecommunications equipment located in a physically secure and locked environment? (Risk: Confidentiality)

6.1.3 Computer Workstations [number inferred from the sequence; garbled in the source]
- Do all workstations reside in a physically secure building, floor, or room? (Risk: Availability)
- If the workstation processor is in a public or non-Motorola controlled area, is it physically secured to prevent theft (i.e. tethered)?
- When physical locks are an internal part of the equipment, are they used in addition to other forms of security, such as physically separating any removable drives or locking stationary heads? (Risk: Availability)
- Are all laptop or palmtop computers physically locked in a desk or cabinet when unattended for overnight periods or longer? (Risk: Availability)
- Are laptops which are locked in a docking station removed from the docking station for overnight and locked up out of sig... [cut off in the source] (Risk: Availability)
- Are procedures in place to ensure that workstation equipment is only moved after taking proper precautions against damaging the machine? (Risk: Availability)

6.1.4 Printer/Fax Security
- Are all printers used to print information classified as Motorola Confidential Proprietary or higher located in a physically secure area, or is the printer attended by the recipient during printing? (Risk: Confidentiality)
- Are fax machines used to transmit Motorola Registered Secret information located in a physically secure area? (Risk: Confidentiality)
- Are recipients of Motorola Confidential or Motorola Registered Secret information present at the printer or fax machine during receipt/transmission? (Risk: Confidentiality)

Computer Media Handling [subsection number garbled in the source]
- Is it true that computer storage media is not stapled, bound with a rubber band, or paper clipped to other materials? (Risk: Integrity)
- Are all diskettes, tapes, or other storage media stored in a holder specifically designed for that purpose? (Risk: Integrity)
- Is proper care taken when handling the exposed portion of storage media to minimize fingerprints on recorded surfaces? (Risk: Integrity)
- Do individuals using removable storage media protect them from hazardous environmental and magnetic influences? (Risk: Integrity)
- Is care taken to keep electronic storage media away from environmental or magnetic influences? (Risk: Integrity)
- Does the individual using storage media protect them from pressure caused by other objects? (Risk: Integrity)

Hazard Protection [subsection number garbled in the source]
- Is it true that computer equipment is not located near any combustible or hazardous areas (SIC 8.13)? (Risk: Availability)
- Are smoke detectors and fire extinguishers tested at least every six months? (Risk: Availability)
- Are in-line surge protection/management devices used to protect against power fluctuations, line noise, and other accidents that could cause data integrity problems? (Risk: Availability, Integrity)
- Is information protected against modification by environmental hazards? (Risk: Integrity)
- Are the power controls for electrical computer equipment, computer ventilation system(s), and computer center lighting maintained on isolated electrical circuits? (Risk: Availability)
- Is air conditioning installed and maintained to prevent equipment damage caused from overheating? (Risk: Availability)
- Is installation and maintenance of computer equipment maintained in compliance with the environmental requirements described by the equipment supplier? (Risk: Availability)
EISS Self Assessment - Section 7 - Information Backup and Recovery Standards
EISS Specific Section Reference: 7.0 Information Back Up and Recovery Standards
Columns: Objective or Procedures; Risk; Responsible Functional Area (User, Owner, Admin, Custodian, Other); Compliant (Y/N); Action Plan if Needed; Target Date.
Risk for every item in this section: Business Loss / Financial Loss. Responsible Functional Area for every item: Disaster Recovery Coord. (DRC).

7.2 Backup Requirements for Critical Business Applications
Is a Business Impact Assessment (BIA) performed for each business application, system and/or network in order to establish the true level of information criticality, and is it reviewed/updated by the application owner and equipment custodians at a minimum
Is the level of information criticality reviewed, documented and agreed upon by the affected application owners and equipment custodians?
Has an Information Backup Plan been developed to fully support the operating systems, software applications and data to the agreed upon level of criticality?
Does the Information Backup Plan contain the name of the system and/or data, frequency and type of backup, offsite vaulting cycle and any trade-off rationale used in developing the backup plan?
Does the Backup Plan ensure that in the event of a disaster, the recovered data is current enough to support the busi
Based on the Backup Plan, is information backed up on a scheduled basis and taken off-site frequently enough to ensure that in the event of a disaster, the backup information, which is stored off-site, is complete and sufficiently current so that the amount of data loss is acceptable to business management?

7.3 Backup Requirements for Non-Critical Applications
Are system, file server software, application programs and data full backups taken weekly?
Are incremental or differential backups done based on business need?
Are the backups kept in an area physically separate from the systems/server(s)?
Is all backup information stored with its documentation in a secure location?
Is a backup copy of the system, file server software, application programs, data, documentation, and other Disaster Recovery records kept in an off-site location?
Where possible, do LAN/System Administrators perform backups of critical local workstation information?
Are users of portable and/or remote systems responsible for backing up and storing their data in a safe, secure location?

7.4 Backup Procedures
Does a documented backup process exist which defines the daily backup routines?
Do backup procedures exist for handling daily backups as well as performing day to day restorations or full data recovery?
Is the backup process automated wherever possible in order to ensure consistency?
Wherever feasible, are backups verified by reading them back after they are written? Many backup software packages allow this to happen in conjunction with routine scheduled backups.
Are randomly selected file restores performed at a minimum of monthly to ensure the readability of the backups (i.e. data is actually being written to tape) and to ensure that the media is still readable?
In distributed database environments, does the backup system ensure the synchronization of the recovery?
Are backup techniques used which are capable of fully restoring all open/active files so that the integrity of these files is not compromised and that they can be fully restored to active operations?
Is all backup media labeled with the highest classification of the data that resides on the media?
Is all locally stored backup media kept in fire retardant media safes? Is access limited to those who perform the backups, and is a log of the media in the safe maintained for use as a recovery aid?
Is a locally stored backup log kept?

7.5 Off-Site Storage
Does the off-site location have restricted access, yet accessibility when needed, at any time, night or day?
If an outside company operates the location, is it bonded and insured against loss or breach of security?
Is off-site backup media given the same level of physical and environmental protection that is required for the primary site as defined in sections 1, 6 and 7 of the SDLC EISS?
Is a documented procedure in place that outlines the off-site rotation process? At a minimum, does this include a list of who is authorized to send data off-site, who is authorized to recall data, and who is authorized to make changes in access?
Is a process in place for reviewing who has access to off-site processes? This review must be done at a minimum annually, or whenever there is a change in responsibilities that warrants it.
When off-site data is kept for multiple years, is the media brought back and tested for integrity at a minimum annually? Is this process performed more frequently when offsite data is extremely sensitive and is being kept for archival or legal
k) Media devices must be periodically cleaned per manufacturer's specifications to ensure the integrity of data being written to media.
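The 7.4 items ask for three concrete controls: backups read back and compared after they are written, a random sample of files restored at least monthly, and a local backup log whose media carry the highest classification of the data they hold. The following is an added example written for this checklist, not tooling from the EISS or from Motorola/SDLC; the in-memory tar archive standing in for tape, the sample files and their classifications, the `CLASS_ORDER` ladder and the media id `TAPE-0001` are all constructed assumptions.

```python
"""Added example: write-verify, random restore test and log entry for a backup set.

Illustrative code for the 7.4 backup procedures; not Motorola/SDLC tooling.
The tar-in-memory "backup", the sample files and the classification ladder are
constructed assumptions standing in for a real backup product and its media.
"""
import hashlib
import io
import random
import tarfile
from datetime import datetime, timezone

# Constructed sample data set: path -> (contents, classification of that file).
SAMPLE_FILES = {
    "crm/contacts.db": (bytes(range(256)) * 4, "Motorola Confidential Proprietary"),
    "docs/runbook.txt": (b"Restore: untar, verify hashes, hand to app owner.\n", "Internal"),
    "payroll/2024-q1.csv": (b"id,amount\n1,100\n2,250\n", "Motorola Registered Secret"),
}
# Assumed ordering of classification levels, lowest to highest (7.4: media is
# labelled with the highest classification of the data it holds).
CLASS_ORDER = ["Internal", "Motorola Confidential Proprietary", "Motorola Registered Secret"]


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def write_backup(files):
    """Write all files into an in-memory tar and return (archive, manifest).

    The manifest maps path -> SHA-256 of the content as handed to the backup;
    the read-back step compares the stored copy against it."""
    buf, manifest = io.BytesIO(), {}
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, (data, _cls) in sorted(files.items()):
            info = tarfile.TarInfo(name=path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
            manifest[path] = sha256(data)
    return buf.getvalue(), manifest


def read_back_verify(archive, manifest):
    """Read every member back from the written archive and compare it to the
    manifest (7.4: verify backups by reading them back). Returns problems found."""
    problems, seen = [], set()
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for member in tar.getmembers():
            seen.add(member.name)
            data = tar.extractfile(member).read()
            if member.name not in manifest:
                problems.append(f"unexpected member {member.name}")
            elif sha256(data) != manifest[member.name]:
                problems.append(f"hash mismatch {member.name}")
    problems += [f"missing member {p}" for p in manifest if p not in seen]
    return problems


def random_restore_test(archive, manifest, sample_size=1, seed=None):
    """Restore a random sample of files from the stored media and check them
    (7.4: random file restores at least monthly). Returns path -> restored ok."""
    rng = random.Random(seed)
    chosen = rng.sample(sorted(manifest), k=min(sample_size, len(manifest)))
    results = {}
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for path in chosen:
            try:
                results[path] = sha256(tar.extractfile(path).read()) == manifest[path]
            except (KeyError, tarfile.TarError):
                results[path] = False  # member missing or media unreadable
    return results


def media_label(files):
    """Highest classification present in the set, for the media label (7.4)."""
    return max((cls for _data, cls in files.values()), key=CLASS_ORDER.index)


def backup_log_entry(media_id, files, problems, restore_results):
    """One record for the locally stored backup log (7.4), as a dict."""
    return {
        "time": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "media_id": media_id,
        "label": media_label(files),
        "files": len(files),
        "verified": not problems,
        "restore_ok": all(restore_results.values()),
        "problems": problems,
    }


if __name__ == "__main__":
    archive, manifest = write_backup(SAMPLE_FILES)
    problems = read_back_verify(archive, manifest)
    restores = random_restore_test(archive, manifest, sample_size=2, seed=1)
    print(backup_log_entry("TAPE-0001", SAMPLE_FILES, problems, restores))
    # Simulate a media fault: flip one byte in the first data block and re-verify.
    damaged = bytearray(archive)
    damaged[512] ^= 0xFF
    print(read_back_verify(bytes(damaged), manifest))
```

The read-back step is deliberately separate from the write: it re-opens the archive and hashes what was actually stored, which is what distinguishes "the backup job finished" from "the data is on the media". The restore test takes a seed only so that a run can be reproduced in a post-mortem; in a scheduled monthly job the seed would be left unset.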
EISS Self Assessment - Section 8 - Disaster Recovery Planning Standards
EISS Specific Section Reference: 8.0 Disaster Recovery
Columns: Objective or Procedures; Risk; Responsible Functional Area (User, Owner, Admin, Custodian, Other); Compliant (Y/N); Action Plan if Needed; Target Date.
Risk for every item in this section: Business Loss / Financial Loss. Responsible Functional Area for every item: Disaster Recovery Coord. (DRC).

8.1 Identifying Critical Business Applications
Is a Business Impact Assessment (BIA) performed for each business application, system and/or network in order to establish the true level of business and data criticality, agreed upon by the affected business and Information Systems areas (system / data owners and equipment custodians) per SIC Section 8, and documented?
Is the criticality classification reviewed/updated by the system owner and equipment custodians:
Is the recovery timeframe reviewed?

8.2 Disaster Recovery Plans
Is a Disaster Recovery Coordinator assigned to coordinate the development, testing and updating (maintaining) of the plan?
Has each system owner / equipment custodian developed and documented a Disaster Recovery Plan for each essential business application, system and/or network?
Is the Disaster Recovery plan classified as SDLC Confidential Proprietary?
Is a copy of the recovery plan, system, data, documentation and supplies kept in a secured off-site location?
Is each Disaster Recovery Plan reviewed using the Disaster Recovery Plan Review Check List available at: http://www.mot.corp.com/security/dr
Is the plan tested and updated yearly to reflect changes in the hardware, system, network and/or application?
Does the plan ensure that Information Security procedures and mechanisms are maintained during the recovery process?

8.3 Testing the Disaster Recovery Plan
Are system owners and equipment custodians responsible for testing their Disaster Recovery Plans at least once a year to ensure that the plans are accurate, complete and that the off-site data can be used to successfully recover the application, system and/or network it supports?
Is more frequent testing used when a system, application and/or network has experienced a high degree of change?
Does the test recovery ensure that the hardware, application programs and data are recovered and the applications functionally verified by the business or application support areas within the recovery time frame that was developed?
Are all materials needed to facilitate the recovery test (i.e. documentation, system, data, network, procedures, etc.) done from locations other than the primary processing site?
Where possible, are personnel who are unfamiliar with the site being tested used to execute the recovery test in order to verify the detail and completeness of the recovery procedures?
When performing the test, is a log kept which lists time frames, problems encountered and suggestions for improvement? This log must be expanded in a postmortem review and then used for problem tracking and resolution. The full test must be review

8.4 Disaster Recovery Training
a) Have all Disaster Recovery Coordinators attended the NET901 Disaster Recovery Planning Workshop class?