Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.IR-01.9: The organisation shall manage interfaces with external telecommunications services as part of its broader network security policy, by defining how traffic is controlled, ensuring the confidentiality and integrity of transmitted information, and reviewing and documenting any exceptions to established rules. |
|
PR.IR-01.9 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p139 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
This control builds on PR.IR-01.8 by focusing specifically on how external communications are governed within the organisation’s network security policy. While firewall configurations and baseline security settings provide technical enforcement, this requirement emphasises the policy and oversight layer. To implement this effectively, the organisation should: - Integrate Traffic Flow Management into the Network Security Policy Thenetworksecuritypolicyshouldincludeclearrulesforhowdataandvoicetrafficisallowedtoflowbetween internal systems and external telecommunications services. - Define Security Objectives and Scope The policy should outline the goals for protecting external communications and specify which systems and services are covered. - Control and Monitor Traffic Network traffic should be continuously monitored to ensure it complies with defined rules. Suspicious or unauthorised flows should trigger alerts and be investigated. - Protect Data in Transit Confidentiality and integrity of transmitted data should be protected using encryption protocols such as TLS/SSL. - Document and Review Exceptions Any exceptions to the traffic flow rules (e.g., temporary access for a third party) should be formally docu- mented, justified, and regularly reviewed. - Respond to Incidents The organisation should be prepared to isolate and respond to abnormal ormalicious traffic patterns quickly. - Maintain PolicyAlignment The traffic flow component should align with other elements of the network security policy, including access control, VPN usage, patch management, and incident response. |
|
A general note, for any purpose. |
This control builds on PR.IR-01.8 by focusing specifically on how external communications are governed within the organisation’s network security policy. While firewall configurations and baseline security settings provide technical enforcement, this requirement emphasises the policy and oversight layer. To implement this effectively, the organisation should: • Integrate Traffic Flow Management into the Network Security Policy Thenetworksecuritypolicyshouldincludeclearrulesforhowdataandvoicetrafficisallowedtoflowbetween internal systems and external telecommunications services. • Define Security Objectives and Scope The policy should outline the goals for protecting external communications and specify which systems and services are covered. • Control and Monitor Traffic Network traffic should be continuously monitored to ensure it complies with defined rules. Suspicious or unauthorised flows should trigger alerts and be investigated. • Protect Data in Transit Confidentiality and integrity of transmitted data should be protected using encryption protocols such as TLS/SSL. • Document and Review Exceptions Any exceptions to the traffic flow rules (e.g., temporary access for a third party) should be formally docu- mented, justified, and regularly reviewed. • Respond to Incidents The organisation should be prepared to isolate and respond to abnormal ormalicious traffic patterns quickly. • Maintain PolicyAlignment The traffic flow component should align with other elements of the network security policy, including access control, VPN usage, patch management, and incident response. |
|
A general note, for any purpose. |
<div><p>This control builds on PR.IR-01.8 by focusing specifically on how external communications are governed within the organisation’s network security policy. While firewall configurations and baseline security settings provide technical enforcement, this requirement emphasises the policy and oversight layer. To implement this effectively, the organisation should:</p><ul><li>Integrate Traffic Flow Management into the Network Security Policy Thenetworksecuritypolicyshouldincludeclearrulesforhowdataandvoicetrafficisallowedtoflowbetween internal systems and external telecommunications services.</li><li>Define Security Objectives and Scope The policy should outline the goals for protecting external communications and specify which systems and services are covered.</li><li>Control and Monitor Traffic Network traffic should be continuously monitored to ensure it complies with defined rules. Suspicious or unauthorised flows should trigger alerts and be investigated.</li><li>Protect Data in Transit Confidentiality and integrity of transmitted data should be protected using encryption protocols such as TLS/SSL.</li><li>Document and Review Exceptions Any exceptions to the traffic flow rules (e.g., temporary access for a third party) should be formally docu- mented, justified, and regularly reviewed.</li><li>Respond to Incidents The organisation should be prepared to isolate and respond to abnormal ormalicious traffic patterns quickly.</li><li>Maintain PolicyAlignment The traffic flow component should align with other elements of the network security policy, including access control, VPN usage, patch management, and incident response.</li></ul></div> |
|
A general note, for any purpose. |
This control builds on PR.IR-01.8 by focusing specifically on how external communications are governed within the organisation’s network security policy. While firewall configurations and baseline security settings provide technical enforcement, this requirement emphasises the policy and oversight layer. To implement this effectively, the organisation should: - Integrate Traffic Flow Management into the Network Security Policy Thenetworksecuritypolicyshouldincludeclearrulesforhowdataandvoicetrafficisallowedtoflowbetween internal systems and external telecommunications services. - Define Security Objectives and Scope The policy should outline the goals for protecting external communications and specify which systems and services are covered. - Control and Monitor Traffic Network traffic should be continuously monitored to ensure it complies with defined rules. Suspicious or unauthorised flows should trigger alerts and be investigated. - Protect Data in Transit Confidentiality and integrity of transmitted data should be protected using encryption protocols such as TLS/SSL. - Document and Review Exceptions Any exceptions to the traffic flow rules (e.g., temporary access for a third party) should be formally docu- mented, justified, and regularly reviewed. - Respond to Incidents The organisation should be prepared to isolate and respond to abnormal ormalicious traffic patterns quickly. - Maintain PolicyAlignment The traffic flow component should align with other elements of the network security policy, including access control, VPN usage, patch management, and incident response. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.IR-01.9 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
External telecommunications security |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall manage interfaces with external telecommunications services as part of its broader network security policy, by defining how traffic is controlled, ensuring the confidentiality and integrity of transmitted information, and reviewing and documenting any exceptions to established rules. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1