Infosec Home at The University of West Georgia

Log On

Step 7

Compliance with: policies, standards, and procedures

7.1 Regular Meetings   With stakeholders such as data stewards, legal counsel, compliance officers public safety, public relations, and IT groups to review institutional risk and compliance and to revise existing policies and procedures as needed.

7.2 Utilizing Audit Function   This can be either an internal audit departmental or external auditor.

7.3 Routine Scan's and Testing Computing Resources and Services   Scan servers, desktops, mobil devices, and networks contain confidential data to verify compliance with institutional policy and standards. Test these devices for weakness in operating systems, applications, and encryption that could indicate that institutional procedures are not being followed properly.

7.4 Routinely Monitor log files  

7.5 Routinely Audit

7.6 Procurement Procedures and Contract

7.7 System Development Methodologies   The prevention of new data handling problems from being introduced into the environment.

7.8 Implement Incident Response Policies and Procedures  


<< Step 6                        Back Confidential Data Handling Blueprint Home