Laserfiche WebLink
Security Policies and Procedures <br />Table of Contents <br />Virtru <br />Document control <br />B. Security Document Library <br />II. Preface and Background Material <br />Overview <br />B. Policy <br />III. Key Concepts <br />Information Security Principles <br />Confidentiality <br />Integrity <br />Availability <br />Provability <br />Definitions <br />Information Security Policy <br />Privacy Policy <br />Acceptable Use Policy for IT Systems Users <br />Employment Policies <br />IV. Using These Standards <br />Audience — Who will use this document <br />Technology and business process providers should comply with these Standards as a <br />matter of contractual obligation <br />Employees and Business units within Virtru should comply, unless a Risk Assessment <br />has been done and a deviation is approved by the ISO <br />How the document is used <br />Review of existing controls, procedures and tools against the Standards <br />Documenting compliance or deviations <br />Gap Analysis to determine where improvements are needed <br />A Risk Assessment to validate that the improvements are justified against the costs <br />of the controls and the value of the information involved <br />Creation of a plan to close the gaps OR signoff of a deviation <br />Documentation of the new controls, procedures and tools <br />C. Maintaining this document <br />V. Roles and Responsibilities <br />A. Rules for ownership of information <br />B. Information users <br />C. Information Security Officer <br />Manage awareness programs relating to security and privacy topics <br />Maintain a central record of exceptions to this Standards document <br />Manage changes to this Standards document <br />Rev.2015.8.6 <br />