Formulating a Security Policy › Primary Elements of a Security Policy › Systems Software Area
Systems Software Area
The systems software area is an area that must be considered critical in any organization. First, the security software is the responsibility of this area. Moreover, systems software personnel often use facilities that are capable of bypassing or even disabling the security software. Given this exposure, the policy must detail the responsibilities of this critical area as it relates to security. Consider identifying the following responsibilities for systems software:
- To maintain the security software in a secure and responsible manner ensuring that the data processing environment is always protected when it is available for use by the user community.
- To notify the appropriate parties if the security software is disabled as soon as it is practical.
- To limit development and availability of facilities capable of bypassing security to only those situations in which they are absolutely necessary.
- To work with the security administration function to ensure that system resources are properly protected.
- To design the security requirements for the vendor-supplied system software which is their responsibility, and to work with the security administration area in implementing same.
Copyright © 2014 CA Technologies.
All rights reserved.
|
|