Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Reduce the risk of targeted manipulation of ICT products in the supply chain. a) Organisations should assess the risk of being exposed to such targeted attacks. b) Ask national resellers/importers to practise discretion and not divulge too much customer information, e.g. names of customers, how the product is used, where the product is being used. c) Protect the integrity of physical products (in consultation with national resellers/importers) at the earliest possible stage in the supplier chain. Products should be checked at every national stage of the chain (including by the customer before deployment) for broken seals and stored so that only a limited number of personnel have physical access. d) Software products should only be downloaded from the provider’s official website (only via https). The organisation should keep all installation software in file folders that only those responsible for software installation have write access to. e) When performing maintenance on ICT products, physical provider access should be regulated and monitored.
Reduce the risk of targeted manipulation of ICT products in the supply chain. a) Organisations should assess the risk of being exposed to such targeted attacks. b) Ask national resellers/importers to practise discretion and not divulge too much customer information, e.g. names of customers, how the product is used, where the product is being used. c) Protect the integrity of physical products (in consultation with national resellers/importers) at the earliest possible stage in the supplier chain. Products should be checked at every national stage of the chain (including by the customer before deployment) for broken seals and stored so that only a limited number of personnel have physical access. d) Software products should only be downloaded from the provider’s official website (only via https). The organisation should keep all installation software in file folders that only those responsible for software installation have write access to. e) When performing maintenance on ICT products, physical provider access should be regulated and monitored.
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
