Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.AM-04.2: The organisation shall map, document and authorise the flow of information to/from external systems and update the flow when changes occur. |
|
ID.AM-04.2 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p52 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that the flow of information to and from external systems is clearly understood, securely managed, and kept up to date to reduce the risk of data leakage, unauthorised access, or disruption across ICT and OT environments. To achieve this goal:</p><ul><li>Identify and Map Data Pathways All pathways through which data enters or exits the organisation’s systems should be identified and docu- mented. This includes functions, ports, protocols, and services used in both IT and OT environments.</li><li>Document Data Flows in Detail Records should describe the types of data being transferred, the systems involved, and the security meas- ures applied (e.g. encryption, authentication, access controls). This supports transparency and secure data handling.</li><li>Authorise and Control Access Only designated and authorised personnel should be allowed to approve and manage data transfers. This helps prevent unauthorised access and ensures accountability.</li><li>Review and Update Regularly Information flow documentation should be reviewed and updated whenever systems, processes, or external connections change. This ensures that controls remain effective and aligned with the current environment. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control focuses on granular, content-specific data flows between the organisation and specific external systems. It includes:</li><li>Data transfers to/from third-party platforms such as CRM systems, cloud storage providers, and externalAPIs.</li><li>File transfers, API calls, and database synchronisation with external systems.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that the flow of information to and from external systems is clearly understood, securely managed, and kept up to date to reduce the risk of data leakage, unauthorised access, or disruption across ICT and OT environments. To achieve this goal: - Identify and Map Data Pathways All pathways through which data enters or exits the organisation’s systems should be identified and docu- mented. This includes functions, ports, protocols, and services used in both IT and OT environments. - Document Data Flows in Detail Records should describe the types of data being transferred, the systems involved, and the security meas- ures applied (e.g. encryption, authentication, access controls). This supports transparency and secure data handling. - Authorise and Control Access Only designated and authorised personnel should be allowed to approve and manage data transfers. This helps prevent unauthorised access and ensures accountability. - Review and Update Regularly Information flow documentation should be reviewed and updated whenever systems, processes, or external connections change. This ensures that controls remain effective and aligned with the current environment. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control focuses on granular, content-specific data flows between the organisation and specific external systems. It includes: - Data transfers to/from third-party platforms such as CRM systems, cloud storage providers, and externalAPIs. - File transfers, API calls, and database synchronisation with external systems. |
|
A general note, for any purpose. |
The goal of this control is to ensure that the flow of information to and from external systems is clearly understood, securely managed, and kept up to date to reduce the risk of data leakage, unauthorised access, or disruption across ICT and OT environments. To achieve this goal: - Identify and Map Data Pathways All pathways through which data enters or exits the organisation’s systems should be identified and docu- mented. This includes functions, ports, protocols, and services used in both IT and OT environments. - Document Data Flows in Detail Records should describe the types of data being transferred, the systems involved, and the security meas- ures applied (e.g. encryption, authentication, access controls). This supports transparency and secure data handling. - Authorise and Control Access Only designated and authorised personnel should be allowed to approve and manage data transfers. This helps prevent unauthorised access and ensures accountability. - Review and Update Regularly Information flow documentation should be reviewed and updated whenever systems, processes, or external connections change. This ensures that controls remain effective and aligned with the current environment. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control focuses on granular, content-specific data flows between the organisation and specific external systems. It includes: - Data transfers to/from third-party platforms such as CRM systems, cloud storage providers, and externalAPIs. - File transfers, API calls, and database synchronisation with external systems. |
|
A general note, for any purpose. |
The goal of this control is to ensure that the flow of information to and from external systems is clearly understood, securely managed, and kept up to date to reduce the risk of data leakage, unauthorised access, or disruption across ICT and OT environments. To achieve this goal: • Identify and Map Data Pathways All pathways through which data enters or exits the organisation’s systems should be identified and docu- mented. This includes functions, ports, protocols, and services used in both IT and OT environments. • Document Data Flows in Detail Records should describe the types of data being transferred, the systems involved, and the security meas- ures applied (e.g. encryption, authentication, access controls). This supports transparency and secure data handling. • Authorise and Control Access Only designated and authorised personnel should be allowed to approve and manage data transfers. This helps prevent unauthorised access and ensures accountability. • Review and Update Regularly Information flow documentation should be reviewed and updated whenever systems, processes, or external connections change. This ensures that controls remain effective and aligned with the current environment. The two controls — ID.AM-03-3 and ID.AM-04.2 — are closely related but focus on different scopes of infor- mation flow and network activity. This control focuses on granular, content-specific data flows between the organisation and specific external systems. It includes: • Data transfers to/from third-party platforms such as CRM systems, cloud storage providers, and externalAPIs. • File transfers, API calls, and database synchronisation with external systems. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.AM-04.2 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
External system data flow documentation |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall map, document and authorise the flow of information to/from external systems and update the flow when changes occur. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1