To the Saga synthesis top

Saga information security basic policy

The last update date:

1 purpose

 We set basic way of thinking of information security countermeasures in the prefecture and policy, and Saga information security basic policy (we say "basic policy" as follows.) is intended that we maintain secrecy, integrity of information assets and availability.

2 coverage

 The staff (we include the staff of a school, Administrative Staff and temporary worker.who develops network and information system, and applies basic policy or uses We say "the staff" as follows and apply about) and network and development of information system, company (we say "trustee" as follows.) which entrusted with duties such as operation and information assets.

Development of 3 countermeasures standards and conduct procedure

(1) As matter which should observe on carrying out information security countermeasures based on basic policy concretely and standard such as judgments "Saga information security countermeasures standard (say "countermeasures standard" as follows.) We shall devise "particularly.
(2) Based on basic policy and countermeasures standard (say "information security policy" as follows.), determined concrete procedures about individual information system; "Saga information security conduct procedure (include various procedures and manual. We say "conduct procedure" as follows.) We shall devise "particularly.
(3) Countermeasures standard and conduct procedure are serious for administrative administration of the prefecture by being released; because might affect, do with secrecy.

4 definitions

In the basic policy, signification of term listed in the following items depends on what to set of each issue concerned.
(1) Network
  Communications network to connect computer (hardware and software) to mutually
(2) Information system
  Structure to be comprised of computer, network, recording medium, and to handle duties
(3) Information assets
 Annette work and information system
 Information (information output to materiality such as electromagnetic record and paper) pertaining to development of inettowaku and information system and operation
 Information (information output to materiality such as electromagnetic record and paper) to deal with in unettowaku and information system
(4) Information security
  Maintain secrecy, integrity of information assets and availability.
(5) Secrecy
  Ensure that only permitted person can have the access to information as far as it was admitted.
(6) Integrity
  Guarantee information and the disposal method being exact and that you are complete.
(7) Availability
  When permitted person is required, ensure that you can access information.

Duty such as 5 staff

 The staff and trustee understand purpose of information security policy and must observe.

6 information security regimes

 We shall establish regime to observe information security policy.

Classification of 7 information assets

 We shall classify information assets depending on importance to carry out information security countermeasures.

Threat to 8 information assets

 Threats assumed for information assets are as follows.
(1) Destruction, wiretapping, theft, manipulation, removal of information assets by invasion, unauthorized access of outsider
(2) Data leaks by terminal connection of destruction, wiretapping, theft, manipulation, removal by inappropriateness management of carrying out, erroneous operation of information assets by the staff or trustee, the certification information for access or password, intentional unauthorized access or illegal act and nonrecognition
(3) Computer virus, earthquake, thunderbolt, disasters such as fires and accident, administrative services by trouble and suspension of business

9 information security countermeasures

 We shall lecture on the next information security countermeasures to protect information assets from 8 threats.
(1) Physical security countermeasures
  We take physical measures to protect from unjust entrance to facility setting up information system, destruction of information assets, accidents such as theft and disaster.
(2) Human security countermeasures
  We take necessary human measures so that we publicize authority and responsibility about information security and matter that you should observe to fate, the staff and trustee and are thorough, and enough education and enlightenment are performed.
(3) Technical security countermeasures
  To protect information assets from unjust access appropriately, such as access control, network management to information assets take technical measures.
(4) Security countermeasures in operation
  We take measures in management of information assets, grasp of the observance situation of information security policy and monitoring and operation such as crisis management countermeasures in Emergencies.

10 inspection

 We carry out inspection regularly to confirm that information security is secured.

11 evaluations and review

 We carry out review of basic policy, countermeasures standard and conduct procedure as needed to evaluate the situation of information security countermeasures by results of information security inspection, and to cope with turn of eventss to surround information security.

 Supplementary provisions

 This basic policy takes effect on February 20, 2006.

We relate to this page
Inquiry
(ID: 19190)
Saga prefectural government office (corporation number 1000020410004) 〒 840-8570  1-1-59, Jonai, Saga-shi   Tel: 0952-24-2111 (main)     
Copyright© 2016 Saga Prefecture.All Rights Reserved.

Saga prefectural government office (corporation number 1000020410004)

〒840-8570
1-1-59, Jonai, Saga-shi
Tel: 0952-24-2111 (main)
Copyright© 2016 Saga Prefecture.All Rights Reserved.