Get documents about "ASC Information Technology Security Policy - DOC
Document Sample
POLICY
ASC Information Technology Security
Policy
Purpose and Scope
Policy purpose
The purpose of this Australian Sports Commission (ASC) Information Technology
Security Policy ensures that official information:
Are available to clients of the ASC when they are needed and are retained in
accordance with the ASC Recordkeeping Policy and other legislative
requirements.
Are not disclosed to people who do not have appropriate authority to access
them.
Have integrity, where the information contained in the asset can be relied
upon and is not modified other than in an approved manner.
Are reliably available to clients on Information Technology systems used to
access and manipulate information assets.
This will be achieved through the adoption of measures based on the Information
Security Manual (ISM).
Scope
This policy applies to:
Assets that contribute to the Information Communication and Technology
(ICT) environment, including physical facilities, ICT equipment,
communications equipment, operating systems, application software and
packages; regardless of whether these assets are the property of the ASC or
an approved third party asset utilised in the environment.
Clients accessing any aspect of the information technology environment
whether authenticated or unauthenticated (anonymous access).
Clients include all ASC staff (including permanent, temporary, part time,
casual, contractors and consultants) and Non ASC staff (including visitors,
affiliates, scholars and athletes) and any other individual who seeks access to
the ICT environment.
Background
The Information Management Policy states that “Information is an asset, just like
money and people”. Therefore, it is necessary to take appropriate steps to secure
information assets, through implementing a number of procedural and technical
solutions.
The ASC Information Technology Security Policy is one of the sub policies that
underpins and supports the ASC Information Governance Policy (see diagram
below).
The ASC Information Technology Security Policy needs to be considered in
conjunction with the ASC Information Governance Policy.
Diagram 1: Information Policy Framework
Each of the above sub policies are supported by guidelines and procedural
documents.
Related Legislations, Standards and Policy
ASC Code of Conduct
ISM – (Australian Government Information Security Manual)
PSM – (Australian Government Protective Security Manual)
ASC Information Governance Policy
ASC Recordkeeping Policy
ASC Risk Management Policy
Page 2 of 3
Policy statements
1. The ASC must adopt the ISM as the basis of its Information Technology
Security at the In Confidence Level.
Appendix 1 - ICT Security Manual (ISM) Controls, contains ASC responses to
ISM controls.
2. The level of compliance to ISM controls and guidance will be determined
on the risk assessment based on the ASC’s Risk Management Policy
Accountability for the Policy
Refer to the ASC Information Governance Policy
Policy Contact
ICT Manager
Australian Sports Commission
Tel: +61 2 6214 1568
Fax: +61 2 6214 1830
servicedesk@ausport.gov.au
- END –
TRIM
Originating
Version Created By Approved by Date Revision Date referen
Program
ce
Information
1.0 Papiya Chakravarti Matt Miller, CEO 22 Dec 09 22 Dec 10 2009/09096/F
Management
Page 3 of 3
Related docs
Other docs by 78HKc7
YELLOWKN 463791 v1 deck atr brs board forum website overview of resource management system 26 may 2011
Views: 8 | Downloads: 0
CELDT Score Request Form - California English Language Development ... - DOC
Views: 30 | Downloads: 0
