Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
GV.PO-01.1: Policies and procedures for managing information and cybersecurity shall be established, documented, reviewed, approved, updated when changes occur, communicated and enforced. |
|
GV.PO-01.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p24 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_BASIC_E_p12 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p28 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
This control sets the foundation for how all information and cybersecurity policies and procedures should be managed. It emphasises the governance lifecycle, from creation to enforcement, and ensures alignment with the organisation's strategic direction. To effectively implement this control, consider the following practices: • Develop clear and practical policies, processes, and procedures which: o Define acceptable behaviours and expectations forprotecting the organisation’s information and systems. o Outline how management expects employees to use and safeguard company resources. • Ensure employee awareness by communicating these policies, processes, and procedures: o During onboarding of new personnel. o Whenever significant updates or changes are made. o Maintain accessibility by making all relevant documents easily available to employees. • Review and update regularly (e.g. annually) to reflect: o Organisational changes, such as mergers, acquisitions, or new contractual obligations. o Technological developments, such as the adoption of artificial intelligence or new security tools. • Define risk assessment criteria within the organisation’s risk management policy: o The entityshould establish and document clear criteria for determining the probability and impact of risks. o These criteria should be tailored to the organisation’s specific context and used consistently to evaluate and prioritise cybersecurity risks.This ensures that risk-based decisions are aligned with the organisation’s overall strategy and risk appetite. |
|
A general note, for any purpose. |
This control sets the foundation for how all information and cybersecurity policies and procedures should be managed. It emphasises the governance lifecycle, from creation to enforcement, and ensures alignment with the organisation's strategic direction. To effectively implement this control, consider the following practices: - Develop clear and practical policies, processes, and procedures which: - Define acceptable behaviours and expectations forprotecting the organisation’s information and systems. - Outline how management expects employees to use and safeguard company resources. - Ensure employee awareness by communicating these policies, processes, and procedures: - During onboarding of new personnel. - Whenever significant updates or changes are made. - Maintain accessibility by making all relevant documents easily available to employees. - Review and update regularly (e.g. annually) to reflect: - Organisational changes, such as mergers, acquisitions, or new contractual obligations. - Technological developments, such as the adoption of artificial intelligence or new security tools. - Define risk assessment criteria within the organisation’s risk management policy: - The entityshould establish and document clear criteria for determining the probability and impact of risks. - These criteria should be tailored to the organisation’s specific context and used consistently to evaluate and prioritise cybersecurity risks.This ensures that risk-based decisions are aligned with the organisation’s overall strategy and risk appetite. |
|
A general note, for any purpose. |
<div><p>This control sets the foundation for how all information and cybersecurity policies and procedures should be managed. It emphasises the governance lifecycle, from creation to enforcement, and ensures alignment with the organisation's strategic direction. To effectively implement this control, consider the following practices:</p><ul><li>Develop clear and practical policies, processes, and procedures which:<ul><li>Define acceptable behaviours and expectations forprotecting the organisation’s information and systems.</li><li>Outline how management expects employees to use and safeguard company resources.</li></ul></li><li>Ensure employee awareness by communicating these policies, processes, and procedures:<ul><li>During onboarding of new personnel.</li><li>Whenever significant updates or changes are made.</li><li>Maintain accessibility by making all relevant documents easily available to employees.</li></ul></li><li>Review and update regularly (e.g. annually) to reflect:<ul><li>Organisational changes, such as mergers, acquisitions, or new contractual obligations.</li><li>Technological developments, such as the adoption of artificial intelligence or new security tools.</li></ul></li><li>Define risk assessment criteria within the organisation’s risk management policy:<ul><li>The entityshould establish and document clear criteria for determining the probability and impact of risks.</li><li>These criteria should be tailored to the organisation’s specific context and used consistently to evaluate and prioritise cybersecurity risks.This ensures that risk-based decisions are aligned with the organisation’s overall strategy and risk appetite.</li></ul></li></ul></div> |
|
A general note, for any purpose. |
This control sets the foundation for how all information and cybersecurity policies and procedures should be managed. It emphasises the governance lifecycle, from creation to enforcement, and ensures alignment with the organisation's strategic direction. To effectively implement this control, consider the following practices: - Develop clear and practical policies, processes, and procedures which: - Define acceptable behaviours and expectations forprotecting the organisation’s information and systems. - Outline how management expects employees to use and safeguard company resources. - Ensure employee awareness by communicating these policies, processes, and procedures: - During onboarding of new personnel. - Whenever significant updates or changes are made. - Maintain accessibility by making all relevant documents easily available to employees. - Review and update regularly (e.g. annually) to reflect: - Organisational changes, such as mergers, acquisitions, or new contractual obligations. - Technological developments, such as the adoption of artificial intelligence or new security tools. - Define risk assessment criteria within the organisation’s risk management policy: - The entityshould establish and document clear criteria for determining the probability and impact of risks. - These criteria should be tailored to the organisation’s specific context and used consistently to evaluate and prioritise cybersecurity risks.This ensures that risk-based decisions are aligned with the organisation’s overall strategy and risk appetite. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
GV.PO-01.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Cybersecurity policies and procedures |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Policies and procedures for managing information and cybersecurity shall be established, documented, reviewed, approved, updated when changes occur, communicated and enforced. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
21 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 23 of 23
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1