Action Implementation
Procedures will be put in place to ensure that this policy is effective. These procedures include:
- Information users being appropriately identified and having access to information for which they have a legitimate need.
- Information assets being appropriately managed and controlled in line with the requirements of this policy.
- Information assets being identified and sufficiently protected in line with the correct categorisation and handling methods.
- Ensuring that adequate control mechanisms are in place for protecting information assets.
- Ensuring that information access control mechanisms are in place and that these mechanisms are reviewed regularly.
- Ensuring that asset owners define the required physical security of computer rooms, networks, personal computers and procedures for computer maintenance.
- Ensuring the safe disposal of all information assets and equipment.