This document provides an overview of information security and ISO 27001. It discusses what information security is, the importance of protecting information assets, and introduces some of the key concepts from ISO 27001 such as risk management, the Plan-Do-Check-Act cycle, and control objectives. The document emphasizes that information security is everyone's responsibility.
ISO 27001 Awareness IGN Mantra 2nd Day, 1st Session.IGN MANTRA
ISO 27001:2013 Awareness, Seminar & Workshop Indonesia Honeynet Project IHP, Badan Siber dan Sandi Negara BSSN, Universitas Syiah Kuala Unsyiah, 23-24 Oktober 2018
ISO 27001 Awareness IGN Mantra 2nd Day, 1st Session.IGN MANTRA
ISO 27001:2013 Awareness, Seminar & Workshop Indonesia Honeynet Project IHP, Badan Siber dan Sandi Negara BSSN, Universitas Syiah Kuala Unsyiah, 23-24 Oktober 2018
Information Security vs IT - Key Roles & ResponsibilitiesKroll
Marc Brawner is a Principal with Kroll's Cyber Security & Investigations team. In this presentation to the Tennessee Bankers Association, Marc explains the key roles & responsibilities of the information security and information technology teams for increased cyber security
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE360 BSI
Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information?
Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units?
With the release of IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting to ensure that all your IT risks are identified and the necessary action is taken – be this to mitigate them, accept or ignore them. So, how safe is your IT system? What are the risks that your organization is being exposed to?
The solution to this challenge is to establish an effective risk management process that protects the organization, not just its IT assets, and provides it with the ability to perform its mission.
Risk management is the process of identifying and assessing risk and taking preventive measures to reduce it to an acceptable level. It is critical that you develop an effective risk management program that assesses and mitigates risks within your IT systems and better manages these IT-related mission risks.
BENEFITS OF ATTENDING THIS WORKSHOP
Identify common IT project risks
Learn how to assess threats and vulnerabilities to create a risk response strategy
Understand what qualifies as risk with IT projects
Understand the most common IT risk sources
Qualify and quantify IT risks
Learn the difference between negative and positive IT risks
Develop an IT risk management plan
Plan risk response methods for IT risks
Create risk mitigation and contingency plans
Monitor and control project risks
Overcome resistance from stakeholders and team members
WHO SHOULD ATTEND THIS WORKSHOP
IT risk managers
IT security managers
Compliance officers
Program and project managers
IT project managers
IT operation manager
Contact Kris at kris@360bsi.com to register.
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfSecureCurve
Security and privacy are crucial elements for protecting digital assets. As the use of technology continues to increase, so does the risk of cyber-attacks and data breaches.
This presentation was discussed in a Webinar with MetricStream in September 2016. It is applicable for small, medium and large businesses when considering information and cyber security risk.
Information security is often misunderstood, undervalued and often tackled as an afterthought. This presentation was given in 2014 during an ISACA educational event.
A to Z of Information Security ManagementMark Conway
The purpose of information security is to protect an organisation’s valuable assets, such as information, Intellectual property, hardware, and software.
Through the selection and application of appropriate safeguards or controls, information security helps an organisation to meet its business objectives by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets.
In this A to Z I’d like to outline some of the key focus areas for organisations wishing to pursue compliance to the ISO27001 Information Security standard.
Breaking down the cyber security framework closing critical it security gapsIBM Security
Cyber crime is pervasive and here to stay. Whether you work in the Public Sector, Private Sector, are the CEO for a Fortune 500 Company or trying to sustain a SMB everyone is under attack. This February, President Obama, issued an executive order aimed at protecting critical business and government infrastructure due to the scale and sophistication of IT security threats that have grown at an explosive rate. Organizations and Government agencies have to contend with industrialized attacks, which, in some cases, rival the size and sophistication of the largest legitimate computing efforts. In addition, they also have to guard against a more focused adversary with the resources and capabilities to target highly sensitive information, often through long-term attack campaigns. Many security executives are struggling to answer questions about the most effective approach.
Presentation by Soumya Mondal, on "Information Security: Importance of having definded policy & process" at "Braindigit 9th National ICT Conference 2013" organized by Information Technology Society, Nepal at Alpha House, Kathmandu, Nepal on 26th January, 2013
Information Security vs IT - Key Roles & ResponsibilitiesKroll
Marc Brawner is a Principal with Kroll's Cyber Security & Investigations team. In this presentation to the Tennessee Bankers Association, Marc explains the key roles & responsibilities of the information security and information technology teams for increased cyber security
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE360 BSI
Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information?
Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units?
With the release of IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting to ensure that all your IT risks are identified and the necessary action is taken – be this to mitigate them, accept or ignore them. So, how safe is your IT system? What are the risks that your organization is being exposed to?
The solution to this challenge is to establish an effective risk management process that protects the organization, not just its IT assets, and provides it with the ability to perform its mission.
Risk management is the process of identifying and assessing risk and taking preventive measures to reduce it to an acceptable level. It is critical that you develop an effective risk management program that assesses and mitigates risks within your IT systems and better manages these IT-related mission risks.
BENEFITS OF ATTENDING THIS WORKSHOP
Identify common IT project risks
Learn how to assess threats and vulnerabilities to create a risk response strategy
Understand what qualifies as risk with IT projects
Understand the most common IT risk sources
Qualify and quantify IT risks
Learn the difference between negative and positive IT risks
Develop an IT risk management plan
Plan risk response methods for IT risks
Create risk mitigation and contingency plans
Monitor and control project risks
Overcome resistance from stakeholders and team members
WHO SHOULD ATTEND THIS WORKSHOP
IT risk managers
IT security managers
Compliance officers
Program and project managers
IT project managers
IT operation manager
Contact Kris at kris@360bsi.com to register.
What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdfSecureCurve
Security and privacy are crucial elements for protecting digital assets. As the use of technology continues to increase, so does the risk of cyber-attacks and data breaches.
This presentation was discussed in a Webinar with MetricStream in September 2016. It is applicable for small, medium and large businesses when considering information and cyber security risk.
Information security is often misunderstood, undervalued and often tackled as an afterthought. This presentation was given in 2014 during an ISACA educational event.
A to Z of Information Security ManagementMark Conway
The purpose of information security is to protect an organisation’s valuable assets, such as information, Intellectual property, hardware, and software.
Through the selection and application of appropriate safeguards or controls, information security helps an organisation to meet its business objectives by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets.
In this A to Z I’d like to outline some of the key focus areas for organisations wishing to pursue compliance to the ISO27001 Information Security standard.
Breaking down the cyber security framework closing critical it security gapsIBM Security
Cyber crime is pervasive and here to stay. Whether you work in the Public Sector, Private Sector, are the CEO for a Fortune 500 Company or trying to sustain a SMB everyone is under attack. This February, President Obama, issued an executive order aimed at protecting critical business and government infrastructure due to the scale and sophistication of IT security threats that have grown at an explosive rate. Organizations and Government agencies have to contend with industrialized attacks, which, in some cases, rival the size and sophistication of the largest legitimate computing efforts. In addition, they also have to guard against a more focused adversary with the resources and capabilities to target highly sensitive information, often through long-term attack campaigns. Many security executives are struggling to answer questions about the most effective approach.
Presentation by Soumya Mondal, on "Information Security: Importance of having definded policy & process" at "Braindigit 9th National ICT Conference 2013" organized by Information Technology Society, Nepal at Alpha House, Kathmandu, Nepal on 26th January, 2013
Discover the innovative and creative projects that highlight my journey throu...dylandmeas
Discover the innovative and creative projects that highlight my journey through Full Sail University. Below, you’ll find a collection of my work showcasing my skills and expertise in digital marketing, event planning, and media production.
VAT Registration Outlined In UAE: Benefits and Requirementsuae taxgpt
Vat Registration is a legal obligation for businesses meeting the threshold requirement, helping companies avoid fines and ramifications. Contact now!
https://viralsocialtrends.com/vat-registration-outlined-in-uae/
The world of search engine optimization (SEO) is buzzing with discussions after Google confirmed that around 2,500 leaked internal documents related to its Search feature are indeed authentic. The revelation has sparked significant concerns within the SEO community. The leaked documents were initially reported by SEO experts Rand Fishkin and Mike King, igniting widespread analysis and discourse. For More Info:- https://news.arihantwebtech.com/search-disrupted-googles-leaked-documents-rock-the-seo-world/
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Personal Brand Statement:
As an Army veteran dedicated to lifelong learning, I bring a disciplined, strategic mindset to my pursuits. I am constantly expanding my knowledge to innovate and lead effectively. My journey is driven by a commitment to excellence, and to make a meaningful impact in the world.
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
LA HUG - Video Testimonials with Chynna Morgan - June 2024Lital Barkan
Have you ever heard that user-generated content or video testimonials can take your brand to the next level? We will explore how you can effectively use video testimonials to leverage and boost your sales, content strategy, and increase your CRM data.🤯
We will dig deeper into:
1. How to capture video testimonials that convert from your audience 🎥
2. How to leverage your testimonials to boost your sales 💲
3. How you can capture more CRM data to understand your audience better through video testimonials. 📊
Implicitly or explicitly all competing businesses employ a strategy to select a mix
of marketing resources. Formulating such competitive strategies fundamentally
involves recognizing relationships between elements of the marketing mix (e.g.,
price and product quality), as well as assessing competitive and market conditions
(i.e., industry structure in the language of economics).
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Digital Transformation and IT Strategy Toolkit and TemplatesAurelien Domont, MBA
This Digital Transformation and IT Strategy Toolkit was created by ex-McKinsey, Deloitte and BCG Management Consultants, after more than 5,000 hours of work. It is considered the world's best & most comprehensive Digital Transformation and IT Strategy Toolkit. It includes all the Frameworks, Best Practices & Templates required to successfully undertake the Digital Transformation of your organization and define a robust IT Strategy.
Editable Toolkit to help you reuse our content: 700 Powerpoint slides | 35 Excel sheets | 84 minutes of Video training
This PowerPoint presentation is only a small preview of our Toolkits. For more details, visit www.domontconsulting.com
2. What is information?
What is information security?
What is risk?
Introduction to the ISO standards
Managing information security
Your security responsibilities
A
g
e
n
d
a
2
3. Information is an asset which,
like other important business
assets, has value to an
organization and consequently needs
to be suitably protected
I
N
F
O
R
M
A
T
I
O
N
3
ISO/IEC 27002:2005
4. I
n
f
o
r
m
a
t
i
o
n
t
y
p
e
s
Information exists in many forms:
Printed or written on paper
Stored electronically
Transmitted by post or electronic means
Visual e.g. videos, diagrams
Published on the Web
Verbal/aural e.g. conversations, phone calls
Intangible e.g. knowledge, experience, expertise,
ideas
‘Whatever form the information takes, or
means by which it is shared or stored, it
should always be appropriately protected’
(ISO/IEC 27002:2005)
4
5. I
n
f
o
l
i
f
e
c
y
c
l
e
Information can be …
Created
Owned (it is an asset)
Stored
Processed
Transmitted/communicated
Used (for proper or improper purposes)
Modified or corrupted
Shared or disclosed (whether appropriately or not)
Destroyed or lost
Stolen
Controlled, secured and protected throughout its
existence
5
6. K
e
y
t
e
r
m
What is information security?
Information security is what keeps valuable information
‘free of danger’ (protected, safe from harm)
It is not something you buy, it is something you do
o It’s a process not a product
It is achieved using a combination of suitable strategies
and approaches:
o Determining the risks to information and treating them
accordingly (proactive risk management)
o Protecting CIA (Confidentiality, Integrity and Availability)
o Avoiding, preventing, detecting and recovering from incidents
o Securing people, processes and technology … not just IT!
6
8. P
e
o
p
l
e
People
People who use or have an interest in our
information security include:
Shareholders / owners
Management & staff
Customers / clients, suppliers & business partners
Service providers, contractors, consultants &
advisors
Authorities, regulators & judges
Our biggest threats arise from people (social
engineers, unethical competitors, hackers, fraudsters,
careless workers, bugs, flaws …), yet our biggest
asset is our people (e.g. security-aware employees
who spot trouble early)
8
9. Processes
Processes are work practices or workflows,
the steps or activities needed to
accomplish business objectives.
• Processes are described in procedures.
• Virtually all business processes involve
and/or depend on information making
information a critical business asset.
Information security policies and
procedures define how we secure
information appropriately and repeatedly.
P
r
o
c
e
s
s
e
s
9
10. Technology
Information technologies
Cabling, data/voice networks and equipment
Telecommunications services (PABX, VoIP, ISDN,
videoconferencing)
Phones, cellphones, PDAs
Computer servers, desktops and associated data storage
devices (disks, tapes)
Operating system and application software
Paperwork, files
Pens, ink
Security technologies
Locks, barriers, card-access systems, CCTV
T
e
c
h
n
o
l
o
g
y
10
11. • Protects information against various threats
• Ensures business continuity
• Minimizes financial losses and other impacts
• Optimizes return on investments
• Creates opportunities to do business safely
• Maintains privacy and compliance
V
a
l
u
e
We all depend on
information security
11
Information security is
valuable because it …
12. Information security is defined
as the preservation of:
Confidentiality
Making information accessible
only to those authorized to
use it
Integrity
Safeguarding the accuracy and
completeness of information and
processing methods
Availability Ensuring that information is
available when required
C
I
A
12
13. • IT downtime, business interruption
• Financial losses and costs
• Devaluation of intellectual property
• Breaking laws and regulations, leading
to prosecutions, fines and penalties
• Reputation and brand damage leading
to loss of customer, market, business
partner or owners’ confidence and lost
business
• Fear, uncertainty and doubt
Security incidents cause …
13
I
m
p
a
c
t
s
14. K
e
y
t
e
r
m
What is risk?
Risk is the possibility that a threat exploits a
vulnerability in an information asset,
leading to an adverse impact on the organization
Threat: something that might cause harm
Vulnerability: a weakness that might be exploited
Impact: financial damage etc.
14
17. Motive
Something that causes the
threat agent to act
• Implies intentional/deliberate
attacks but some are accidental
M
o
t
i
v
e
17
18. Threat type Example
Human error
Typo, wrong attachment/email address,
lost laptop or phone
Intellectual property Piracy, industrial espionage
Deliberate act
Unauthorized access/trespass, data theft,
extortion, blackmail, sabotage, vandalism,
terrorist/activist/criminal activity
Fraud Identity theft, expenses fraud
System/network attack Viruses, worms, Trojans, hacks
Service issue Power cuts, network outages
Force of nature
Fire, flood, storm, earthquake, lightning,
tsunami, volcanic eruption
Hardware issue
Computer power supply failure,
lack of capacity
Software issue Bugs or design flaws, data corruption
Obsolescence iPhone 4?
18
T
h
r
e
a
t
t
y
p
e
s
19. So how do we
secure our
information
assets?
19
20. 1990’s
• Information Security Management Code of Practice
produced by a UK government-sponsored working group
• Based on the security policy used by Shell
• Became British Standard BS7799
2000’s
• Adopted by ISO/IEC
• Became ISO/IEC 17799 (later renumbered ISO/IEC 27002)
• ISO/IEC 27001 published & certification scheme started
Now
• Expanding into a suite of information security standards
(known as “ISO27k”)
• Updated and reissued every few years
I
S
O
2
7
k
A brief history of ISO27k
20
21. • Concerns the management of information
security, not just IT/technical security
• Formally specifies a management system
• Uses Plan, Do, Check, Act (PDCA) to achieve,
maintain and improve alignment of security with
risks
• Covers all types of organizations (e.g. commercial
companies, government agencies, not-for-profit
organizations) and all sizes
• Thousands of organizations worldwide have been
certified compliant
ISO 27001
I
S
O
2
7
0
0
1
21
24. • Information security policy - management
direction
• Organization of information security -
management framework for implementation
• Asset management – assessment, classification
and protection of valuable information assets
• HR security – security for joiners, movers and
leavers
• Physical & environmental security - prevents
unauthorised access, theft, compromise, damage to
information and computing facilities, power cuts
C
O
N
T
R
O
L
C
L
A
U
S
E
S
24
25. • Communications & operations management -
ensures the correct and secure operation of IT
• Access control – restrict unauthorized access to
information assets
• Information systems acquisition, development &
maintenance – build security into systems
• Information security incident management – deal
sensibly with security incidents that arise
• Business continuity management – maintain
essential business processes and restore any that fail
• Compliance - avoid breaching laws, regulations,
policies and other security obligations
C
O
N
T
R
O
L
C
L
A
U
S
E
S
25
26. PLAN
Establish
ISMS
CHECK
Monitor &
Review ISMS
ACT
Maintain &
Improve
DO
Implement &
Operate the
ISMS
IS POLICY
SECURITY
ORGANISATION
ASSET
IDENTIFICATION
&
CLASSIFICATION
CONTROL
SELECTION &
IMPLEMENTATION
OPERATIONALIZ
E THE PROCESES
MANAGEMENT
REVIEW
CORRECTIVE &
PREVENTIVE
ACTIONS
CHECK
PROCESSES
I
M
P
L
E
M
E
N
T
A
T
I
O
N
P
R
O
C
E
S
S
C
Y
C
L
E
26
27. B
e
n
e
f
i
t
s
• Demonstrable commitment to security by the
organization
• Legal and regulatory compliance
• Better risk management
• Commercial credibility, confidence, and
assurance
• Reduced costs
• Clear employee direction and improved
awareness
27
29. Key ISMS documents
K
e
y
d
o
c
u
m
e
n
t
s
• High level corporate security policy
• Supporting policies e.g. physical &
environmental, email, HR, incident
management, compliance etc.
• Standards e.g. Windows Security Standard
• Procedures and guidelines
• Records e.g. security logs, security review
reports, corrective actions
29
30. Information security vision
V
I
S
I
O
N
&
M
I
S
S
I
O
N
Vision
The organization is acknowledged as an
industry leader for information security.
Mission
To design, implement, operate, manage and
maintain an Information Security
Management System that complies with
international standards, incorporating
generally-accepted good security practices
30
31. Who is responsible?
W
h
o
• Information Security Management Committee
• Information Security Manager/CISO and Department
• Incident Response Team
• Business Continuity Team
• IT, Legal/Compliance, HR, Risk and other departments
• Audit Committee
• Last but not least, you!
Bottom line:
31
Information security is everyone’s responsibility
33. I
N
F
O
A
S
S
E
T
C
L
A
S
S
I
F
I
C
A
T
I
O
N
CONFIDENTIAL:
If this information is leaked outside the organization, it will result in major financial and/or image
loss. Compromise of this information may result in serious non-compliance (e.g. a privacy
breach). Access to this information must be restricted based on the concept of need-to-know.
Disclosure requires the information owner’s approval. In case information needs to be disclosed
to third parties, a signed confidentiality agreement is required.
Examples: customer contracts, pricing rates, trade secrets, personal information, new product
development plans, budgets, financial reports (prior to publication), passwords, encryption keys.
INTERNAL USE ONLY:
Leakage or disclosure of this information outside the organization is unlikely to cause serious
harm but may result in some financial loss and/or embarrassment.
Examples: circulars, policies, training materials, general company emails, security policies and
procedures, corporate intranet.
PUBLIC:
This information can be freely disclosed to anyone although publication must usually be explicitly
approved by Corporate Communications or Marketing.
Examples: marketing brochures, press releases, website.
33
Information Asset Classification
34. Confidentiality
Confidentiality
level Explanation
High
Information which is very sensitive or private, of
great value to the organization and intended for
specific individuals only. The unauthorized
disclosure of such information can cause severe
harm such as legal or financial liabilities,
competitive disadvantage, loss of brand value e.g.
merger and acquisition related information,
marketing strategy
Medium
Information belonging to the company and not for
disclosure to public or external parties. The
unauthorized disclosure of this information may
harm to the organization somewhat e.g.
organization charts, internal contact lists.
Low
Non-sensitive information available for public
disclosure. The impact of unauthorized disclosure of
such information shall not harm Organisation
anyway. E.g. Press releases, Company’s News
letters e.g. Information published on company’s
website
Confidentiality of information concerns the protection of sensitive (and often highly
valuable) information from unauthorized or inappropriate disclosure.
C
l
a
s
s
i
f
i
c
a
t
i
o
n
2/14/
34
Mohan Kamat
35. U
S
E
R
R
E
S
P
O
N
S
I
B
I
L
I
T
I
E
S
Physical security
• Read and follow security policies and procedures
• Display identity cards while on the premises
• Challenge or report anyone without an ID card
• Visit the intranet Security Zone or call IT Help/Service Desk
for advice on most information security matters
• Allow unauthorized visitors onto the premises
• Bring weapons, hazardous/combustible materials, recording
devices etc., especially in secure areas
• Use personal IT devices for work purposes, unless explicitly
authorized by management
35
Do not
Do
36. U
S
E
R
R
E
S
P
O
N
S
I
B
I
L
I
T
I
E
S
Password Guidelines
Use long, complicated passphrases - whole sentences if you can
Reserve your strongest passphrases for high security systems (don’t
re-use the same passphrase everywhere)
Use famous quotes, lines from your favorite songs, poems etc. to
make them memorable
Use short or easily-guessed passwords
Write down passwords or store them in plain text
Share passwords over phone or email
36
37. U
S
E
R
R
E
S
P
O
N
S
I
B
I
L
I
T
I
E
S
Warning: Internet usage is routinely logged and monitored.
Be careful which websites you visit and what you disclose.
Avoid websites that would be classed as obscene, racist,
offensive or illegal – anything that would be embarrassing
Do not access online auction or shopping sites, except where
authorized by your manager
Don’t hack!
Do not download or upload commercial software or other
copyrighted material without the correct license and
permission from your manager
Use the corporate Internet facilities only for legitimate and
authorized business purposes
Internet usage
37
38. U
S
E
R
R
E
S
P
O
N
S
I
B
I
L
I
T
I
E
S
E-mail usage
Do not use your corporate email address for personal email
Do not circulate chain letters, hoaxes, inappropriate jokes,
videos etc.
Do not send emails outside the organization unless you are
authorized to do so
Be very wary of email attachments and links, especially in
unsolicited emails (most are virus-infected)
38
Use corporate email for business purposes only
Follow the email storage guidelines
If you receive spam email, simply delete it. If it is
offensive or you receive a lot, call the IT Help/Service
Desk
39. U
S
E
R
R
E
S
P
O
N
S
I
B
I
L
I
T
I
E
S
Security incidents
39
Report information security incidents, concerns and
near-misses to IT Help/Service Desk:
Email …
Telephone …
Anonymous drop-boxes …
Take their advice on what to do
Do not discuss security incidents with anyone outside the
organization
Do not attempt to interfere with, obstruct or prevent anyone
else from reporting incidents
40. R
e
s
p
o
n
s
i
b
i
l
i
t
i
e
s
Ensure your PC is getting antivirus updates and patches
Lock your keyboard (Windows-L) before leaving your PC
unattended, and log-off at the end of the day
Store laptops and valuable information (paperwork as well as
CDs, USB sticks etc.) securely under lock and key
Keep your wits about you while traveling:
Keep your voice down on the cellphone
Be discreet about your IT equipment
Take regular information back ups
Fulfill your security obligations:
Comply with security and privacy laws, copyright and licenses,
NDA (Non Disclosure Agreements) and contracts
Comply with corporate policies and procedures
Stay up to date on information security:
Visit the intranet Security Zone when you have a moment
40