Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
1. Classification level IV (RESTRICTED) information may be stored in the area. Information has
to be stored in locked furniture. Terminal device containing above mentioned information
has to be stored in appropriate locked furniture, when possible.
2. In Administrative Area it is possible to store information belonging to national classification level III in terminal devices which have been approved for the level and when the terminal device is stored in: a) monitored space or b) in sealed security envelope inside locked furniture (or in equivalent secure way). Potential monitoring of the storage space has to be done according to the requirement F-05.5. As an exception to this rule for storing national classification level III information, it is not allowed to store international CONFIDENTIAL information in Administrative Areas.
3. Keys or combination settings to the appropriate locked furniture have to be kept under control of such personnel, which has the need-to-know to the information stored in the above-mentioned manner. Combination settings have to be committed to memory by the authorized individuals. Combination settings to storage units containing Classified Information have to be changed:
• on receipt of a new container;
• whenever there is a change in personnel knowing the combination;
• whenever a compromise has occurred or is suspected;
• when a lock has undergone maintenance or repair.
4. It is allowed to handle information classified on national levels IV-II in the Administrative Area when access to the information by unauthorized persons has been prevented. When the Classified Information is used by means of terminal devices it is necessary to take care
that both the terminal device, as well as the data communication arrangement fulfill the
requirements set for them.
1. Classification level IV (RESTRICTED) information may be stored in the area. Information has
to be stored in locked furniture. Terminal device containing above mentioned information
has to be stored in appropriate locked furniture, when possible.
2. In Administrative Area it is possible to store information belonging to national classification level III in terminal devices which have been approved for the level and when the terminal device is stored in: a) monitored space or b) in sealed security envelope inside locked furniture (or in equivalent secure way). Potential monitoring of the storage space has to be done according to the requirement F-05.5. As an exception to this rule for storing national classification level III information, it is not allowed to store international CONFIDENTIAL information in Administrative Areas.
3. Keys or combination settings to the appropriate locked furniture have to be kept under control of such personnel, which has the need-to-know to the information stored in the above-mentioned manner. Combination settings have to be committed to memory by the authorized individuals. Combination settings to storage units containing Classified Information have to be changed:
• on receipt of a new container;
• whenever there is a change in personnel knowing the combination;
• whenever a compromise has occurred or is suspected;
• when a lock has undergone maintenance or repair.
4. It is allowed to handle information classified on national levels IV-II in the Administrative Area when access to the information by unauthorized persons has been prevented. When the Classified Information is used by means of terminal devices it is necessary to take care
that both the terminal device, as well as the data communication arrangement fulfill the
requirements set for them.
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
