Professional Documents
Culture Documents
Management
Agenda
1. Main Target
2. Purpose
4. Process
To Whom is applicable:
Definition: Practices that aim at protecting information assets from security threats
so as to facilitate continuous running of business and to keep losses caused by
security incidents to a minimum.
No
Objectives: leakage
Confidentiality
Integrity Availability
© ZTE All rights reserved
5
What is Information Security?
Content IT
Security Security
Information
Security
Personnel Physical
Security Security
ISMS: As a part of the entire management system, the information security management
system is based on the method for identifying business risks to develop, implement,
operate, review, maintain and improve information security
It provides the information security overview and trend report at all organization
levels
To help the security staff implementing an effective way to control and solve the
security-related risks, thus ensuring the day-to-day business operations of the
organization
Event
Event Source SOC Output
Source
No Acronym or Full Name
Applications
. Symbol
Compliance
Dashboard 1 ISMS Information Security Management
Databases System
Reports
Alerts
Security Devices
Colombia ISMT
Monitoring, guideline,
Implement the plan,etc..
Objetive:
a.- Provide Risk assesment and list
Business unit leaders shall provide necessary resources and
b.- Risk tracking table
support for routine work of the information security
c.- Routine and Audits
manager
d.- To follow meeting and plan
e.- To solve any incident on time
IMST (Information Security Management Team)
Classifying principles: Information is classified in line with its sensitivity and the
potential impact on ZTE in case of leakage.
For the scope of business secrets of the company, refer to Appendix F in the
Management Regulations on Information Security Rewards and Punishment.
Name
of the employee Name
Security Check Point. Monthly review
The above actions will be checked in October. If the above actions occur
after September 30 2019
They will be notified within the representative office and applied to your
monthly assessment.
Process - Paths
Severity of
Measure
Violation
For Management Cadres For All Employees - New For All Employees - Information
Employees' Induction Security Redlines
For All Employees - It is Forbidden to For All Employees - For All Employees - Information
Transfer Company Information Behaviors that Need Security Control Requirements
Without Approval Approval or Recorded for the Use of Laptops
Contents
01 02 03 04
Q&A