Control Title Control Description Reference to Industry Standard Implemented Clause Samples

This clause establishes a requirement for documenting the title and description of a specific control, as well as referencing the relevant industry standard that the control implements. In practice, it ensures that each control within a policy or system is clearly identified by name, described in terms of its purpose or function, and linked to recognized standards such as ISO, NIST, or other frameworks. By mandating this structured documentation, the clause promotes transparency, facilitates compliance audits, and helps organizations demonstrate alignment with industry best practices.
Passwords

Control Title: Passwords
Control Description: Passwords should be implemented on all IT applications and should not be shared. Passwords should be stored in encrypted form. All passwords must meet the following complexity requirements:
- Minimum length of 8 characters
- Must contain at least 1 upper-case character
- Must contain at least 1 number
- Must contain at least 1 special character
- Must not be the same as the last 24 passwords used
- Accounts are locked after 5 incorrect login attempts
Reference to Industry Standard: ISO 27001 A.9.2.4, ISO 27001 A.9.3.1, ISO 27001 A.9.4.2, ISO 27001 A.9.4.3
Implemented (Yes/No):

Control Title: Unique Use of User IDs
Control Description: End users should each be assigned an individual user ID or identifier for accessing IT resources to ensure accountability. In circumstances where generic user IDs may exist for various business reasons, only one (1) user should have access to such accounts
Reference to Industry Standard: ISO 27018 A.
Implemented (Yes/No):
Control Title Control Description Reference to Industry Standard Implemented (Yes/No) solutions should be kept up to date. Vulnerability Management Supplier shall define a process to identify and remediate vulnerabilities to IT applications (e.g., a patch management process) ISO 27001 A.
Control Title Control Description Reference to Industry Standard Implemented (Yes/No) security events which may be deemed as an incident ISO 27001 A.16.1.4
Control Title Control Description Reference to Industry Standard Implemented (Yes/No) should be segregated where appropriate (development vs test environment etc.)
