Methods, policies, procedures, techniques, audit programs, checklists, articles and tools about Enterprise Governance, Risk, Compliance, Strategic, Operational, Finance, IT and other internal corporate controls and how all of these improve the enterprise governance, strategic and operational aspects of private and public-sector organizations in all business functions of the modern organizations and enterprises.
Saturday, October 19, 2013
Business Data Security Guidelines
business data security policy and related procedures should include protection
controls and measures that cover the following issues:
Comprehensive due diligence of all critical staff, including external parties (outsourcing,
external suppliers, sub-contractors, etc.).
Authentication of all customers.
Non repudiation and accountability for all on-line transactions.
Segregation of duties.
Business data, transactions, records and information integrity.
Transactions audit trails.
Appropriate disclosures for organizational services.
Business continuity and contingency planning.
Security and other crises incident response planning.
Access controls: encryption, passwords, password control devices, tokens, user
authentication devices, anti-hacking tools/techniques, digital signals origin
identification, anti-tapping tools/techniques.