Wir benötigen Ihre Einwilligung zur Verwendung der einzelnen Daten, damit Sie unter anderem Informationen zu Ihren Interessen einsehen können. Klicken Sie auf "OK", um Ihre Zustimmung zu erteilen.
Standard Practice for Assessment of Impact of Mobile Data Storage Device (MDSD) Loss (Withdrawn 2015)
Automatische name übersetzung:
Standard Praxis für die Bewertung der Auswirkungen von Mobile Data Storage Device ( MDSD ) Verlust (Withdrawn 2015)
NORM herausgegeben am 1.2.2009
Bezeichnung normen: ASTM E2674-09
Anmerkung: UNGÜLTIG
Ausgabedatum normen: 1.2.2009
SKU: NS-45852
Zahl der Seiten: 4
Gewicht ca.: 12 g (0.03 Pfund)
Land: Amerikanische technische Norm
Kategorie: Technische Normen ASTM
Keywords:
ECC, ECL, equipment control class, equipment control level, information security, information system, information type, personally identifiable information, PII, PLL, property, risk, MDSD, mobile data storage device, tangible asset, ICS Number Code 35.220.99 (Other data storage devices)
Significance and Use | ||||||||||||
This practice establishes a standard impact assessment methodology to enable entities to uniformly ascertain and communicate impact levels associated with the potential loss of MDSDs. This practice is not intended to prescribe specific information security policies for entities or organizations. This practice assumes that individuals and entities are following all relevant information security policies as required by federal or state law, the terms of applicable government contracts, specific agency policies such as the National Industrial Security Program Operating Manual (NISPOM), and entity-specific policies. This practice assumes, but does not require, that entities have devised and are maintaining a system of internal controls over MDSDs in accordance with the section on Management of Property of Practice E 2279. This practice assumes, but does not require, that the results of this impact assessment will inform future actions and help entities determine cost-effective property control measures for MDSDs commensurate with the potential consequences of their loss in accordance with the section on Management of Property of Practice E 2279. This practice encourages an inclusive understanding and communication of the risk associated with MDSDs and, by assigning a rating to the impact of loss, enables comparisons on this basis to other MDSDs rated using the same practice. This practice is intended to foster and enable additional standard practices related to or based on these terms and concepts. |
||||||||||||
1. Scope | ||||||||||||
1.1 This practice describes a methodology for assessing and quantifying the impact of the loss of mobile data storage devices (MDSDs), for example, thumb drives, auxiliary hard drives, and other property containing personally identifiable information or other entity sensitive information. 1.2 This practice is based on two concepts: 1.2.1 Identifying the MDSDs that pose the greatest risk to the organization based on both the information that is stored on them and the location in which they are used, and 1.2.2 Determining the impact of the potential loss of specific MDSDs. In general, this impact assessment is best practiced as a part of a larger risk management process. While this practice does not address this larger topic, it may inform other risk management standards. 1.3 This practice is intended to be applicable and appropriate for all asset-holding entities. 1.4 In accordance with the provisions of Practice E 2279, this practice clarifies and enables effective and efficient control and tracking of equipment. 1.5 This standard does not purport to address all of the safety concerns, if any, associated with its use. It is the responsibility of the user of this standard to establish appropriate safety and health practices and determine the applicability of regulatory limitations prior to use. |
||||||||||||
2. Referenced Documents | ||||||||||||
|
Bereitstellung von aktuellen Informationen über legislative Vorschriften in der Sammlung der Gesetze bis zum Jahr 1945.
Aktualisierung 2x pro Monat!
Brauchen Sie mehr Informationen? Sehen Sie sich diese Seite an.
Letzte Aktualisierung: 2024-12-22 (Zahl der Positionen: 2 217 000)
© Copyright 2024 NORMSERVIS s.r.o.