Security Policies Used by PHPS
Responsibility to staff for Security of Information
A policy should outline the security responsibilities of all staff members, including:
Password management
Data handling procedures
Reporting security incidents
Disaster Recovery
PHPS needs to have a comprehensive data recovery plan
Practice Restoring Data
Regular on-site backups
Ensure business continuity
Procedures for the restoration of data
Regular off-site backups
Staff Access Rights to Information
A policy should outline the security responsibilities of all staff members, including:
PHPS needs a clear policy defining who has access to what information
This policy should be based on the principle of least privilege, granting only the necessary access for each role
Information Security Risk Assessment
Regular risk assessments are essential to identify potential security vulnerabilities and threats. These assessments should consider:
Human error
Physical Security
Technical vulnerabilities
Effectiveness of Security Measures
PHPS should regularly review and evaluate the effectiveness of its security measures, which includes:
Security Audits
Penetration testing
Monitoring security logs
Training of Staff to Handle Information
Regular security awareness training to educate staff on security practices should cover:
Phishing Awareness
Data handling procedures
Password Security
How to report security concerns