ISMS Awareness (to upload).pptx
1. ISO 27001 – Information Security
February 2013 Information Security Awareness Training 1
2. The standard itself is intended to "provide a model/framework for
establishing, implementing, operating, monitoring,
reviewing, maintaining, and improving an Information
Security Management System".
January 23 Information Security Awareness Training 2
3.
Purpose: The purpose of this policy is to provide a guide in implementing the
highest standards of information security in protecting our information assets and
those entrusted to us by our stakeholders from all types of threats, whether
internal or external, deliberate, natural or accidental.
Scope: Knowledge and Technology Division (KTD) All Units, Learners and
Enterprise Development (LED) Admission & Registration Units with their offices, in
addition to the Data Center
ALL USERS, ALL INFORMATION ASSETS
4. The Information Security Management Representative (ISMR) is the
person who is responsible for:
Maintaining ISO 27001 certification.
Ensuring the information security goals are identified and meet the
organizational business requirements.
Ensuring the implementation of security controls across the
organization.
5. Confidentiality: ensuring that information is accessible
only to those authorized to have access.
Integrity: safeguarding the accuracy, completeness, and
control of information and processing methods.
Availability: ensuring that authorized users have access to
information and associated assets when required.
7. Information Security is not just IT “Technology”; it
is how people deal with information.
IT “Technology” protects only 50%.
Information Security begins with you.
Most information security breaches come from
inside (Home made cupcake)!
8. Best Password Practices:
Use a minimum of 8 characters.
Use a strong password.
Use small letters, capital letters, numbers and special characters.
Don’t share your password with others.
Don’t write down your password.
Don’t use names of people, places, or other common items.
Don’t let another person work under your login.
Don’t use the same password on multiple systems.
Don’t store your password in internet applications.
Change your password if it is compromised.
Change the default password.
Change passwords regularly.
9. Verify the recipient.
Delete & Report SPAM.
Don’t open, forward, or reply to suspicious e-mails.
Don’t open e-mail attachments or click on website addresses from
unknown senders.
Don’t join mailing lists or mail services for personal use.
Don’t participate in chain mail (mailing lists) until you know what
you are subscribing to.
Don’t reply by default to “everyone” unless there is a real need.
Don’t open un-scanned, unknown or unexpected email attachments.