Business Processes - Lesson 2 - Info Security Req's

Joiner, Manager, Learner

Joiner, Mover, Learner

Joiner, Mover, Leaver

Joiner, Manager, Leaver

Inclusion in security groups

Terminate access rights

Set-up managerial access to email account

Addition to contacts and mailing lists

Relinquish assets

Inclusion in security groups

Terminate access rights

Set-up managerial access to email account

Addition to contacts and mailing lists

Relinquish assets

Remove all existing access & grant new access

Remove unneeded existing access and grant new access

Remove all existing access

Grant new access

Remove unneeded existing access

To help employees understand the organisation’s information and compliance risks, thus reducing the organisation’s exposure to security failures.

So that they can both proactively support security and when needed take correct action if breeches in security occur.

To help avoid virus infection and to handle an infection when it occurs.

All of these answers

Online training (self paced)

Organised training based in a classroom

Regular security audits and monitoring

All of these answers

Acceptable Use Policy

Digital Rights management

Intellectual Property Rights

Disclosure of information

Reporting of Information security breaches

Human Rights Act (1998)

Data Protection Act (1998) and (2018)

Computer Misuse Act (1990)

All of these answers

Human Rights Act (1998)

Data Protection Act (1998) and (2018)

Computer Misuse Act (1990)

All of these answers

Data shall be obtained only for one or more specified and lawful purposes

Data "freely" given by an individual can be used for any lawful purpose

Data shall be accurate and, where necessary, kept up to date

Data cannot be kept for longer than is necessary for that purpose or those purposes

Data shall be retained within the boundaries of the EU at all times