Security Policies used by PHPS
Staff access rights to information
PHPS needs a clear policy defining who has access to what information.
This policy should be based on the principle of least privilege, granting only the necessary access for each role.
Disaster recovery
Ensure business continuity
Regular off-site backup
Regular on-site backup
Procedures for restoring data
PHPS needs to have a comprehensive data recovery plan.
Practice restoring our data
Responsibility to staff for security of information
Information security risk assessment
Regular risk assessments are essential to identify potential security vulnerabilities and threats.
These assessments should consider:
Physical security.
Human error.
Technical vulnerabilities.
The outcome of the risk assessment should be used to improve the security posture of the company.
Training staff to handle information
Effectiveness of security measures
Effectiveness of Protection Measures:
PHPS should regularly review and evaluate the effectiveness of its security measures.
This includes:
Security audits.
Penetration testing.
Monitoring security logs.