Page 3 - Information_Security

Page 3 - Information_Security_Program

P. 3

Table of Contents

Contents

INFORMATION SECURITY PROGRAM ............................................................................................................................ 2
Information Security Program Policy ......................................................................................................................................... 2
INFORMATION SECURITY POLICY REVIEW CHECKLIST .................................................................................................. 3

GES INFORMATION SECURITY POLICIES ......................................................................................................................... 5
SECURITY LEADERSHIP [DP210] .................................................................................................................................................. 6
SECURITY POLICIES [DP211] ....................................................................................................................................................... 7
ST. PAUL CAMPUS LOCATION SECURITY [DP220] ....................................................................................................................... 8
RETAIL AND OFFSITE SECURITY [DP221] ..................................................................................................................................... 9
FACILITY MAINTENANCE AND REPAIR [DP222] ......................................................................................................................... 10
BACKGROUND SCREENING [DP230] ......................................................................................................................................... 11
SECURITY TRAINING AND AWARENESS [DP231] ....................................................................................................................... 11
TERMINATION OF EMPLOYMENT [DP232] ................................................................................................................................ 12
ACCESS CONTROL [DP241] ....................................................................................................................................................... 15
NETWORK AND OPERATING SYSTEM SECURITY [DP250] ........................................................................................................... 17
APPLICATION AND WEBSITE SECURITY [DP260] ........................................................................................................................ 21
WORKSTATIONS, LAPTOPS, AND DEVICES [DP270] ................................................................................................................... 22
DOCUMENT SECURITY [DP271] ................................................................................................................................................ 24
SECURE DATA TRANSMISSION [DP272] .................................................................................................................................... 25
SYSTEM LOGGING AND MONITORING [DP280] ......................................................................................................................... 26
SECURITY INCIDENT RESPONSE [DP281] ................................................................................................................................... 27
BUSINESS CONTINUITY [DP290] ............................................................................................................................................... 28
INFORMATION RISK ASSESSMENT [DP300] .............................................................................................................................. 30
SECURITY COMPLIANCE [DP301] .............................................................................................................................................. 31

1| P a g e
GES CONFIDENTIAL

1 2 3 4 5 6 7 8