0% found this document useful (0 votes)

157 views23 pages

Osmacc en

This document presents the Organizations' Social Media Accounts Cybersecurity Controls (OSMACC) developed by the National Cybersecurity Authority of Saudi Arabia. The OSMACC aims to enhance protection of organizations' social media accounts and contribute to a safe and reliable national cyber space. It consists of 3 main domains, 12 subdomains, 15 main controls, and 38 subcontrols. The controls apply to government organizations and private sector organizations operating critical infrastructure in Saudi Arabia. Organizations must comply with applicable controls to safely use social networks in accordance with national cybersecurity goals and regulations.

Uploaded by

Ahmed Alhassar

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

157 views23 pages

Osmacc en

Uploaded by

Ahmed Alhassar

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 23

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Organizations’ Social Media

Accounts
Cybersecurity Controls
)OSMACC -1:2021(

Sharing Notice: White

Document Classification: Open

Document Classification: Open 1

Disclaimer: The following controls will be governed by and implemented
in accordance with the laws of the Kingdom of Saudi Arabia, and must be
subject to the exclusive jurisdiction of the courts of the Kingdom of Saudi
Arabia. Therefore, the Arabic version will be the binding language for all
matters relating to the meaning or interpretation of this document.
In the Name of Allah,
The Most Gracious,
The Most Merciful
Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

Traffic Light Protocol (TLP):

This marking protocol is widely used around the world. It has four colors (traffic lights):
Red – Personal and Confidential to the Recipient only
The recipient is not allowed to share red-classified materials with any person, from within or outside
the organization, beyond the scope specified for receipt.
Amber – Limited Sharing
The recipient of amber-classified materials may share the information contained therein with concerned
personnel only in the same organization, and with those competent to take procedures with regard to
the information.
Green – Sharing within the Same Community
Green-classified materials may be shared with others within the same organization or in other
organization that have relations with your organization or are operating in the same sector. However,
such materials may not be shared or exchanged through public channels.
White – No Restrictions

6 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Table of Contents

Executive Summary 8
Introduction 9
Objectives 10
Scope of Work and Applicability 10
Scope of Work 10
Statement of Applicability 10
Implementation and Compliance 11
Update and Review 11
OSMACC Domains and Structure 12
Main Domains and Subdomains of OSMACC 12
Structure 13
OSMACC 14
Appendices 20
Appendix (A): The relationship with the Essential Cybersecurity Control 20

List of Tables
Table (1): OSMACC Structure 13

List of the Figures & Illustrations

Figure (1): OSMACC Main Domains and Subdomains 12
Figure (2): OSMACC Controls Coding Scheme 13
Figure (3): OSMACC Controls Structure 13
Figure (4): Guide to Colors of Subdomains in Figure 5 20
Figure (5): ECC and OSMACC Subdomains 21

Document Classification: Open 7

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

Executive Summary

Social networks are one of the enablers for rapid and effective communication with the beneficiaries,
which contributes to a speedy response and improving and facilitating the experience of the beneficiaries.
With the increase in the use of social networks officially by organizations inside the Kingdom to
communicate with the beneficiaries, the risk of theft crimes of official social media accounts, misuse of
them or impersonation has increased, which necessitates setting cybersecurity requirements to reduce
these risks.
To contribute to reducing these risks and enhancing the protection of organizations’ social media
accounts, with the aim of reaching a safe and reliable Saudi cyber space that enables growth and
prosperity; The National Cybersecurity Authority has developed the Organizations’ Social Media
Accounts Cybersecurity Controls (OSMACC - 1: 2021) to set the minimum cybersecurity requirements
to enable organizations to use social networks in a safe manner. This document explains the details
of the Organizations’ Social Media Accounts Cybersecurity Controls, their goals, scope of work, and
compliance approach and monitoring.
Organizations must implement all necessary measures to ensure continuous compliance with these
controls, in order to comply with item 3 of article 10, in the mandate of the National Cybersecurity
Authority.

8 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Introduction

The National Cybersecurity Authority (referred to in this document as “The Authority”) has developed
the Organizations’ Social Media Accounts Cybersecurity Controls (OSMACC - 1: 2021) after conducting
a study of cybersecurity best practices and analyzing previous cyber incidents and attacks. This comes
within the mandate and tasks of The Authority according to its mandate as per the Royal Decree No.
(6801) dated 11/2/1439 AH, “Establishing policies, governance mechanisms, frameworks, standards,
controls and guidelines related to cybersecurity, circulating them to the relevant organization, following
up on compliance with them, and updating them.”
Social networks are one of the enablers for rapid and effective communication with the beneficiaries,
which contributes to a speedy response and improving and facilitating the experience of the beneficiaries.
With the increase in the use of social networks officially by organizations inside the Kingdom to
communicate with the beneficiaries, the risk of theft crimes of official social media accounts or misuse
of them has increased. In addition, the risk of impersonation of official organizations in social networks.
To contribute to reducing these risks and enhancing the protection of organizations’ social media
accounts, with the aim of reaching a safe and reliable Saudi cyber space that enables growth and
prosperity; The National Cybersecurity Authority has developed the Organizations’ Social Media
Accounts Cybersecurity Controls (OSMACC - 1: 2021) to set the minimum cybersecurity requirements
to enable Organizations’ to use social networks in a safe manner.
In preparing the Organizations’ Social Media Accounts Cybersecurity Controls, The Authority has
been keen to align its components with the components of the Essential Cybersecurity Controls that
are a basic requirement for the OSMACC. Adherence to OSMACC can only be achieved by achieving
continuous compliance with the Essential Cybersecurity Controls in the first place, as they are linked
to relevant national and international legislative and regulatory requirements.
The Organizations’ Social Media Accounts Cybersecurity Controls consist of the following:
• 3 Main Domains
• 12 Subdomains
• 15 Main Controls
• 38 Subcontrols

Document Classification: Open 9

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

Objectives

The Organizations’ Social Media Accounts Cybersecurity Controls aim to:

• Contribute to raising the level of cybersecurity at the national level.
• Enabling organizations to use social networks in a safe manner.
• Readiness to respond effectively to cyber incidents that may have negative impacts.

Scope of Work and Applicability

Scope of Work
These controls apply to government organizations in the Kingdom of Saudi Arabia, including ministries,
authorities, establishments and others, and organizations and companies related to them. It also applies
to private sector organizations that own, operate or host sensitive national infrastructure. All of them
are referred to in this document as (The Organization).
The NCA strongly encourages all other organizations in the Kingdom to leverage these controls to
implement best practices to improve and enhance their cybersecurity.

Statement of Applicability
These controls have been prepared so that they are compatible with the cybersecurity requirements
for all organizations and sectors in the Kingdom of Saudi Arabia taking into account the diversity
and nature of work, and The Organization that uses social networks must adhere to all the controls
applicable to it.

10 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Implementation and Compliance

In order to comply with item 3 of article 10, in the mandate of the National Cybersecurity Authority,
organizations must implement all necessary measures to ensure continuous compliance with these
controls, which cannot be achieved without achieving continuous compliance with the Essential
Cybersecurity Controls (ECC – 1: 2018) where applicable.
The Authority evaluates organizations’ compliance with the OSMACC through multiple means such
as self-assessments by the organizations, and/or on-site audits, in accordance with the mechanisms
deemed appropriate by the Authority.

Update and Review

The Authority will periodically review and update the OSMACC as per the cybersecurity requirements
and the related industry updates. The Authority will communicate and publish the updated version of
OSMACC for implementation and compliance.

Document Classification: Open 11

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

OSMACC Domains and Structure

Main Domains and Subdomains of OSMACC

Figure (1) below shows the main domains and subdomains of the Organizations’ Social Media Accounts
Cybersecurity Controls. Appendix (A) shows the relationship with the Essential Cybersecurity Controls.

Cybersecurity Poli- Cybersecurity Risk

1-1 1-2
cies and Procedures Management
1- Cybersecurity Governance Cybersecurity Aware-
Cybersecurity in
1-3 1-4 ness and Training
Human Resources
Program
Identity and Access
2-1 Asset Management 2-2
Management
Information System
Mobile Devices Secu-
2-3 and Processing Fa- 2-4
rity
cilities Protection
2- Cybersecurity Defense
Cybersecurity Event
Data and Informa-
2-5 2-6 Logs and Monitoring
tion Protection
Management
2-7 Cybersecurity Incident and Threat Management

3- Third-Party and Cloud Com-

3-1 Third-Party Cybersecurity
puting Cybersecurity

Figure 1: OSMACC Main Domains and Subdomains

12 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Structure
Figures (2) and (3) below show the meaning of controls codes.

OSMACC - 1 : 2021

Organizations’ Social Media Version No. Year of Issuance

Accounts Cybersecurity Controls

Figure (2): OSMACC Controls Coding Scheme

2 - 3 - 2 - 6 ١

Main Domain No
Subdomain No
Main Control No
Subcontrol No
Figure 3: OSMACC Controls Structure
Table (1) shows the structure of OSMACC.

1 Name of Main Domain

Reference number of the Main Domain

Reference number of the Subdomain Name of Subdomain
Objective
Controls
Reference number of the control Control clauses

Table1 : OSMACC Structure

Document Classification: Open 13

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

Organizations’ Social Media Accounts Cybersecurity Controls (OSMACC)

1 Cybersecurity Governance

1-1 Cybersecurity Policies and Procedures

To ensure that cybersecurity requirements are documented, communicated and complied
Objective with by the organization as per related laws and regulations, and organizational require-
ments.
Controls
1-1-1 Referring to control 1-3-1 in the ECC, cybersecurity policies and procedures must include
the following:
1-1-1-1 Defining and documenting the cybersecurity requirements for organi-
zations’ social media accounts as part of the organization’s cybersecurity
policies.

1-2 Cybersecurity Risk Management

To ensure managing cybersecurity risks in a methodological approach in order to protect
Objective the organization’s information and technology assets as per organizational policies and pro-
cedures, and related laws and regulations.
Controls
In addition to the controls within subdomain 1-5 in the ECC, requirements for cybersecu-
1-2-1
rity risk management should include at least the following:
1-2-1-1 Assessing cybersecurity risks for organization’s social media accounts,
once per year at least.
1-2-1-2 Assessing cybersecurity risks during planning and before permitting use
of organization’s social media accounts.
1-2-1-3 Including cybersecurity risks related to organization’s social media
accounts in the organization’s cybersecurity risk register, and monitoring
it at least once a year.
1-3 Cybersecurity in Human Resources
To ensure that cybersecurity risks and requirements related to personnel (employees and
contractors) are managed efficiently prior to employment, during employment and after
Objective
termination/separation as per organizational policies and procedures, and related laws and
regulations.

14 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Controls
1-3-1 In addition to the subcontrols within control 1-9-4 in the ECC, the cybersecurity require-
ments for personnel responsible for managing the organization’s social media accounts
should include at least the following:
1-3-1-1 Cybersecurity awareness about social media accounts.
Implementation of and compliance with the cybersecurity requirements
1-3-1-2
as per the organizational cybersecurity policies and procedures for the
organization’s social media accounts.
1-4 Cybersecurity Awareness and Training Program
To ensure that personnel are aware of their cybersecurity responsibilities and have the es-
sential cybersecurity awareness. It is also to ensure that personnel are provided with the
Objective required cybersecurity training, skills and credentials needed to accomplish their cyberse-
curity responsibilities and to protect the organization’s information and technology assets.
Controls
1-4-1 In addition to the subcontrols within control 1-10-3 in the ECC, the cybersecurity aware-
ness program must cover the awareness about the potential cyber risks and threats related
to the organization’s social media accounts and the secure use to minimize these risks and
threats, including the following:
1-4-1-1 Secure use and protection of devices dedicated to the organization’s social
media accounts and ensuring that they do not contain classified data or
used for personal purposes.
1-4-1-2 Secure handling of identities, passwords and security questions.
1-4-1-3 Organization’s social media accounts restoration plan and dealing with
cybersecurity incidents.
1-4-1-4 Secure handling of applications and solutions used for the organization’s
social media accounts.
1-4-1-5 Not to use the organization’s social media accounts for personal purposes
such as browsing.
1-4-1-6 Avoiding accessing the organization’s social media accounts using
untrusted public devices or networks.
1-4-1-7 Communicating directly with the cybersecurity department if a
cybersecurity threat is suspected.
1-4-2 In addition to the subcontrols within control 1-10-4 in the ECC, personnel responsible for
managing the organization’s social media accounts must be trained on the required techni-
cal skills, plans and procedures necessary to ensure the implementation of the cybersecuri-
ty requirements and practices when using the organization’s social media accounts.

Document Classification: Open 15

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

2 Cybersecurity Defense

2-1 Asset Management

To ensure that the organization has an accurate and detailed inventory of information and
technology assets in order to support the organization’s cybersecurity and operational re-
Objective quirements to maintain the confidentiality, integrity and availability of information and
technology assets.
Controls
2-1-1 In addition to the controls within subdomain 2-1 in the ECC, cybersecurity requirements
for managing infromation and technology assets must include at least the following:
2-1-1-1 Identifying and inventorying organization’s social media accounts, and
information and technology assets related to them, and updating them at
least once, every year.
2-2 Identity and Access Management
To ensure the secure and restricted logical access to information and technology assets in
Objective order to prevent unauthorized access and allow only authorized access for users which are
necessary to accomplish assigned tasks.
Controls
2-2-1 In addition to the subcontrols within control 2-2-3 in the ECC, cybersecurity require-
ments for identity and access management related to organization’s social media accounts
shall include at least the following:
2-2-1-1 Using social media accounts designated for organizations, not individuals.
2-2-1-2 Registering using official information (official specific social media email
and official mobile number), and do not use personal information.
2-2-1-3 Verifying organization’s social media accounts whenever possible and
maintaining a consistent identity across all organization’s social media
accounts used; to facilitate knowledge of official accounts, and to discover
fraud or unofficial accounts.
2-2-1-4 Using a secure and specific password for each organization’s social media
account, changing the password regularly, and not to repeate use of
passwords.
2-2-1-5 Using multi-factor authentication for organization’s social media accounts
logins.
2-2-1-6 Activating and updating security questions and documenting them in a
safe place.

16 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

2-2-1-7 Managing organization’s social media accounts access rights based on

business need, considering the sensitivity of the accounts, the level of
access rights and the type of devices and systems used.
2-2-1-8 Restricting access rights of service providers of social media manage-
ment, social media monitoring or brand protection.
2-2-1-9 Restricting access to organization’s social media accounts to specific
devices.
2-2-2 With reference to ECC subcontrol 2-2-3-5, user identities and access rights used for or-
ganization’s social media accounts must be reviewed at least once every year.
2-3 Information System and Processing Facilities Protection
To ensure the protection of information systems and information processing facilities (in-
Objective cluding workstations and infrastructures) against cyber risks.
Controls
2-3-1 In addition to the subcontrols in ECC control 2-3-3, cybersecurity requirements for protect-
ing organization’s social media accounts and technology assets related to them must include
at least the following:
2-3-1-1 Applying updates and security patches for social media applications at
least once a month.
2-3-1-2 Reviewing configurations and hardening of organization’s social media
accounts and technology assets related to them at least once a year.
2-3-1-3 Reviewing and hardening default configurations, such as default pass-
words, pre-login, and lockout, for organization’s social media accounts
and technology assets related to them.
2-3-1-4 Restricting activiation of features and services in social media accounts
on need basis and carrying out risk assessment if there is a need to activ-
iate it.
2-4 Mobile Device Security
To ensure the protection of mobile devices (including laptops, smartphones, tablets) from
Objective cyber risks and to ensure the secure handling of the organization’s information (including
sensitive information) while utilizing Bring Your Own Device (BYOD) policy.
Controls
2-4-1 In addition to the subcontrols within control 2-6-3 in the ECC, cybersecurity require-
ments for mobile device security related to organization’s social media accounts must
include at least the following:
2-4-1-1 Centrally manage mobile devices for organization’s social media accounts
using a Mobile Device Management system (MDM).
2-4-1-2 Applying updates and security patches on mobile devices, at least once
every month.

Document Classification: Open 17

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

2-5 Data and Information Protection

To ensure the confidentiality, integrity and availability of organization’s data and informa-
Objective tion as per organizational policies and procedures, and related laws and regulations.
Controls
2-5-1 In addition to the subcontrols in ECC control 2-7-3, cybersecurity requirements for pro-
tecting and handling data and information for organization’s social media accounts must
include at least the following:
2-5-1-1 Technology assets for management of organization’s social media ac-
counts must not contain classified data, per relevant regulations.
2-6 Cybersecurity Events Logs and Monitoring Management
To ensure timely collection, analysis and monitoring of cybersecurity events for early detec-
Objective tion of potential cyber-attacks in order to prevent or minimize the negative impacts on the
organization’s operations.
Controls
2-6-1 In addition to the subcontrols in ECC control 2-12-3, cybersecurity requirements for event
logs and monitoring management for organization’s social media accounts and technology
assets related to them must include at least the following:
2-6-1-1 Activating all notifications and cybersecurity alerts for organization’s so-
cial media accounts and cybersecurity events logs on related technology
assets.
2-6-1-2 Following organization’s social media accounts and monitoring them
to ensure that they do not post any unauthorized content, or login any
unauthorized access.
2-6-1-3 Monitoring social media networks to ensure the organization is not being
impersonated.
2-6-1-4 Automated monitoring for any change in the accounts pattern, indicators
of compromise, or the publication of any unauthorized content or imper-
sonation of the organization.
2-7 Cybersecurity Incident and Threat Management
To ensure timely identification, detection, effective management and handling of cyber-
Objective security incidents and threats to prevent or minimize negative impacts on organization’s
operation taking into consideration the Royal Decree number 37140, dated 14/8/1438H.
Controls
2-7-1 In addition to the subcontrols within control 2-13-3 in ECC, cybersecurity requirements
for incident and threat management in the organization must include at least the follow-
ing:
2-7-1-1 Developing a plan to recover the organization’s social media accounts and
to deal with cyber incidents.

18 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

3 Third Party and Cloud Computing Cybersecurity

3-1 Third-Party Cybersecurity

To ensure the protection of assets against the cybersecurity risks related to third-parties
Objective including outsourcing and managed services as per organizational policies and procedures,
and related laws and regulations.
Controls
3-1-1 A need assessment for the use of social media management, automated monitoring or
brand protection services along with associcated cybersecurity risks must be conducted.
3-1-2 In addition to the subcontrols within control 4-1-2 in ECC, cybersecurity requirements for
use of social media management, automated monitoring or brand protection services in
the organization must include at least the following:
3-1-2-1 Non-disclosure clauses and secure removal of organization’s data by the
third-party upon service termination.
3-1-2-2 Communication procedures to report vulnerabilities and cyber incidents.
3-1-2-3 Requirments for the third-party to comply with cybersecurity require-
ments and policies to protect organizations’ social media accounts, and
related laws and regulation.

Document Classification: Open 19

Sharing Notice: White Organizations’ Social Media Accounts Cybersecurity Controls

Appendices

Appendix (A): The relationship with the Essential Cybersecurity Controls

The Organizations’ Social Media Accounts Cybersecurity Controls is an extension to the Essential
Cybersecurity Controls (ECC- 1: 2018) as shown in figures (4) and (5), through the following:

• (12) subdomains, to which cybersecurity controls have been added for organizations’ social
media accounts
• (17) subdomains, to which no additional cybersecurity controls have been added for
organizations’ social media accounts

Subdomains where cybersecurity controls have been added for

organizations’ social media accounts
Subdomains where no additional cybersecurity controls have been added
for organizations’ social media accounts

Figure 4: Guide to Colors of Subdomains in Figure 5

20 Document Classification: Open

Organizations’ Social Media Accounts Cybersecurity Controls Sharing Notice: White

Cybersecurity Strategy Cybersecurity Management

Cybersecurity Poli- Cybersecurity Roles and Respon-

1-1
cies and Procedures sibilities
Cybersecurity Risk Cybersecurity in Information
1-2
1- Cybersecurity Governance Management Technology Projects
Cybersecurity Regulatory Cybersecurity Periodical Assess-
Compliance ment and Audit
Cybersecurity Aware-
Cybersecurity in
1-3 1-4 ness and Training
Human Resources
Program
Identity and Access
2-1 Asset Management 2-2
Management
Information System
2-3 and Processing Fa- Email Protection
cilities Protection
Networks Security Manage- Mobile Devices Secu-
2-4
ment rity
Data and Informa-
2-5 Cryptography
tion Protection
2- Cybersecurity Defense Backup and Recovery Man-
Vulnerabilities Management
agement
Cybersecurity Event
Penetration Testing 2-6 Logs and Monitoring
Management
Cybersecurity
2-7 Incident and Threat Physical Security
Management
Web Application Security

Cybersecurity Resilience aspects of Business Continuity Manage-

3- Cybersecurity Resilience ment (BCM)
4- Third-Party and Cloud Com- Third-Party Cyber- Cloud Computing and Hosting Cyber-
3-1 security
puting Cybersecurity security

5 - ICS Cybersecurity Industrial Control Systems (ICS) Protection

Figure 5: ECC and OSMACC Subdomains

Document Classification: Open 21

SAP SuccessFactors Integration With GRC AC 12.0
100% (1)
SAP SuccessFactors Integration With GRC AC 12.0
21 pages
Compliance With: Saudi NCA-ECC Based On ISO/IEC 27001
No ratings yet
Compliance With: Saudi NCA-ECC Based On ISO/IEC 27001
8 pages
The Cloud Strategy Cookbook, 2019
No ratings yet
The Cloud Strategy Cookbook, 2019
16 pages
NPTEL CC Assignment1
No ratings yet
NPTEL CC Assignment1
4 pages
Telework Cybersecurity Controls (TCC - 1 - 2021) - (28p)
No ratings yet
Telework Cybersecurity Controls (TCC - 1 - 2021) - (28p)
28 pages
Mpls Checklist
No ratings yet
Mpls Checklist
4 pages
CSF PF To Sp800 53r5 Mappings
No ratings yet
CSF PF To Sp800 53r5 Mappings
285 pages
WebTrust For CA 22 PDF
No ratings yet
WebTrust For CA 22 PDF
97 pages
BCMS-DOC-07-3 Competence Development Procedure
No ratings yet
BCMS-DOC-07-3 Competence Development Procedure
15 pages
Pii Awareness Training: Don'T Be Tomorrow'S Headlines
No ratings yet
Pii Awareness Training: Don'T Be Tomorrow'S Headlines
38 pages
Iso 22318 Supply Chain Management
No ratings yet
Iso 22318 Supply Chain Management
28 pages
info-security-policy
No ratings yet
info-security-policy
21 pages
CISO-brochure-download-1
No ratings yet
CISO-brochure-download-1
12 pages
Guidelines On Outsourcing To Cloud Service Providers - EN
No ratings yet
Guidelines On Outsourcing To Cloud Service Providers - EN
16 pages
Essential Guide GDPR 012018
No ratings yet
Essential Guide GDPR 012018
24 pages
BCMS-DOC-00-1 BCMS Project Initiation Document
No ratings yet
BCMS-DOC-00-1 BCMS Project Initiation Document
20 pages
Payment Card Industry (PCI) Data Security Standards (DSS)
No ratings yet
Payment Card Industry (PCI) Data Security Standards (DSS)
2 pages
Cybersecurity CISO Vital Part Operations
No ratings yet
Cybersecurity CISO Vital Part Operations
11 pages
Pta Ctdisr
No ratings yet
Pta Ctdisr
62 pages
AHP - Incident Register - V1.0
No ratings yet
AHP - Incident Register - V1.0
3 pages
ISMS-DeS-L2 28 Information Security Aspects of Business Continuity Management Procedure
No ratings yet
ISMS-DeS-L2 28 Information Security Aspects of Business Continuity Management Procedure
6 pages
Iso 27000
100% (1)
Iso 27000
10 pages
Data Protection and Privacy Policy - (Template) 5 7 2021
No ratings yet
Data Protection and Privacy Policy - (Template) 5 7 2021
5 pages
Ittihad University: Assignment Two
0% (1)
Ittihad University: Assignment Two
12 pages
Project Scope Statement Template
No ratings yet
Project Scope Statement Template
11 pages
Security Audit - IsO 27001 2022, CSDI Based Framework - Harpreet Singh ISO 27001-2022 - LA
No ratings yet
Security Audit - IsO 27001 2022, CSDI Based Framework - Harpreet Singh ISO 27001-2022 - LA
44 pages
GDPR - Skillcast Presentation Template
100% (1)
GDPR - Skillcast Presentation Template
23 pages
ISO 27001
100% (1)
ISO 27001
41 pages
ITGC
No ratings yet
ITGC
11 pages
Meeting Room Catalogue v3.1
No ratings yet
Meeting Room Catalogue v3.1
21 pages
BCMS Communication Procedure
100% (2)
BCMS Communication Procedure
16 pages
Lu en Isae3402-Ssae16 04072014 PDF
100% (1)
Lu en Isae3402-Ssae16 04072014 PDF
12 pages
ISO27k Model Policy On Change Management and Control
No ratings yet
ISO27k Model Policy On Change Management and Control
10 pages
Open COBIT 2019 Overview - v1.1 4
No ratings yet
Open COBIT 2019 Overview - v1.1 4
37 pages
Iot Fundamentals:: Security & Privacy
No ratings yet
Iot Fundamentals:: Security & Privacy
21 pages
Iso 22301 Checklist Template
No ratings yet
Iso 22301 Checklist Template
9 pages
Vebuka SMS-DOC-084-7 Capacity Plan
No ratings yet
Vebuka SMS-DOC-084-7 Capacity Plan
12 pages
2020-08-10 Final Report Inshared SOC2 Type 1
No ratings yet
2020-08-10 Final Report Inshared SOC2 Type 1
229 pages
DataGuard ISO27001 Implementation Roadmap UK
No ratings yet
DataGuard ISO27001 Implementation Roadmap UK
10 pages
2022 Update - ISO 27001 Information Security Management Standard - BSI
No ratings yet
2022 Update - ISO 27001 Information Security Management Standard - BSI
5 pages
Isms Implementation Iso 27003
No ratings yet
Isms Implementation Iso 27003
5 pages
Qua PRC 1026
No ratings yet
Qua PRC 1026
10 pages
Cloud Top10 Security Risks
No ratings yet
Cloud Top10 Security Risks
35 pages
Priso27001howtousetheismsimplementationtoolkit 230815064930 341f1004
No ratings yet
Priso27001howtousetheismsimplementationtoolkit 230815064930 341f1004
60 pages
Acceptable Use Policy
No ratings yet
Acceptable Use Policy
8 pages
Security Guidance For Critical Areas of Focus in Cloud Computing v5 Release Presentation
No ratings yet
Security Guidance For Critical Areas of Focus in Cloud Computing v5 Release Presentation
51 pages
ISO27k1 SMSI Declaration Applicabilite 2022
No ratings yet
ISO27k1 SMSI Declaration Applicabilite 2022
5 pages
User Evidencecollection CC Evidence Collection Checklist v2-2021-11!23!02!35!16
No ratings yet
User Evidencecollection CC Evidence Collection Checklist v2-2021-11!23!02!35!16
71 pages
NIST SP 800-88r1
No ratings yet
NIST SP 800-88r1
64 pages
7.12 - Operational Security Procedures - v2
No ratings yet
7.12 - Operational Security Procedures - v2
30 pages
Web Security and Email Security
No ratings yet
Web Security and Email Security
57 pages
Cvss v31 User Guide - r1 PDF
No ratings yet
Cvss v31 User Guide - r1 PDF
22 pages
ABC Technologies - Coursework Case Study
No ratings yet
ABC Technologies - Coursework Case Study
13 pages
AI Risks Assessment and Regulatory Measures in Critical Sectors Insights From The EU AI Act
No ratings yet
AI Risks Assessment and Regulatory Measures in Critical Sectors Insights From The EU AI Act
22 pages
Dora Key Provisions Best Practices PDF
No ratings yet
Dora Key Provisions Best Practices PDF
14 pages
ISMS Implementation. Using COBIT For Inspiration: Cobit (By Isaca) : Core Books
No ratings yet
ISMS Implementation. Using COBIT For Inspiration: Cobit (By Isaca) : Core Books
5 pages
Project Management Conference PMP Overview: PMP Exam Ice Cracker! Dr. Kanabar
No ratings yet
Project Management Conference PMP Overview: PMP Exam Ice Cracker! Dr. Kanabar
57 pages
Complete Study Material
No ratings yet
Complete Study Material
118 pages
XM IS Governance
No ratings yet
XM IS Governance
1 page
IT Service Management: ISO/IEC 20000 1:2018 - Introduction and Implementation Guide - Second edition
From Everand
IT Service Management: ISO/IEC 20000 1:2018 - Introduction and Implementation Guide - Second edition
Dolf van der Haven
No ratings yet
Continuity of Operations The Ultimate Step-By-Step Guide
From Everand
Continuity of Operations The Ultimate Step-By-Step Guide
Gerardus Blokdyk
No ratings yet
IoT Platform Complete Self-Assessment Guide
From Everand
IoT Platform Complete Self-Assessment Guide
Gerardus Blokdyk
No ratings yet
Information Classification and Management Policy Template
No ratings yet
Information Classification and Management Policy Template
6 pages
CCRF en
No ratings yet
CCRF en
26 pages
Security Awareness and Training Policy
No ratings yet
Security Awareness and Training Policy
3 pages
Cyberabia - Developments in The Cybersecurity Regulatory Landscape in Saudi Arabia
No ratings yet
Cyberabia - Developments in The Cybersecurity Regulatory Landscape in Saudi Arabia
5 pages
Number: 000-000 Passing Score: 800 Time Limit: 120 Min File Version: 1.0
0% (1)
Number: 000-000 Passing Score: 800 Time Limit: 120 Min File Version: 1.0
20 pages
1Z0-084-Demo
No ratings yet
1Z0-084-Demo
4 pages
Gray and White Simple Clean Resume
No ratings yet
Gray and White Simple Clean Resume
1 page
CCNA 1 Final v5.0 Exam Answers 2015 100
No ratings yet
CCNA 1 Final v5.0 Exam Answers 2015 100
50 pages
Csv
No ratings yet
Csv
3 pages
Visual Computing Disciplines
No ratings yet
Visual Computing Disciplines
3 pages
Stock Import Management System: Name-Aditya Gupta CLASS-12-B Board Roll Number-23669774
No ratings yet
Stock Import Management System: Name-Aditya Gupta CLASS-12-B Board Roll Number-23669774
16 pages
Usability Testing 101 Norman Nielsen Group
No ratings yet
Usability Testing 101 Norman Nielsen Group
9 pages
Troubleshooting Tools
No ratings yet
Troubleshooting Tools
18 pages
Devops
No ratings yet
Devops
2 pages
PROJECT
No ratings yet
PROJECT
38 pages
Big Data and BDA
No ratings yet
Big Data and BDA
44 pages
Question Bank PDF
No ratings yet
Question Bank PDF
3 pages
It Administrator 1560855147
No ratings yet
It Administrator 1560855147
2 pages
Slack, The Only Collaboration Software Made For Remote Workers
No ratings yet
Slack, The Only Collaboration Software Made For Remote Workers
12 pages
MODULE-1 PART-2 Information Security Fundamentals
No ratings yet
MODULE-1 PART-2 Information Security Fundamentals
11 pages
Tensorflow Enterprise
100% (3)
Tensorflow Enterprise
544 pages
Network Security Monitoring System Chap1
No ratings yet
Network Security Monitoring System Chap1
4 pages
© The Institute of Chartered Accountants of India
No ratings yet
© The Institute of Chartered Accountants of India
9 pages
sciencelogic_ha_and_dr_12-1-0
No ratings yet
sciencelogic_ha_and_dr_12-1-0
110 pages
Coursework 3: Single Page Web Application: 1. Summary
No ratings yet
Coursework 3: Single Page Web Application: 1. Summary
5 pages
Ce
No ratings yet
Ce
40 pages
Lab Answer Key: Module 5: Implementing and Managing IPAM Lab: Implementing IPAM
No ratings yet
Lab Answer Key: Module 5: Implementing and Managing IPAM Lab: Implementing IPAM
6 pages
Unit 4
No ratings yet
Unit 4
53 pages
Assignment 01 (Data Models)
No ratings yet
Assignment 01 (Data Models)
6 pages
Excel Pivot Table Pivot Cache
No ratings yet
Excel Pivot Table Pivot Cache
11 pages
70-703 V14.35
No ratings yet
70-703 V14.35
109 pages
CnMaestro 3.0.4 On-Premises User Guide
No ratings yet
CnMaestro 3.0.4 On-Premises User Guide
596 pages