Professional Documents
Culture Documents
ACPL-IsMS-C5.8 Information Security in Project
ACPL-IsMS-C5.8 Information Security in Project
ACPL-IsMS-C5.8 Information Security in Project
Management Policy
Document ID ACPL-ISMS-C5.8
Document Classification Internal
Issue Date (effective from) 01.12.2023
Version No 1.0
Latest Review Date 01.12.2023
1. Control statement
Information security should be integrated into project management.
2. Purpose:
To ensure information security risks related to projects and deliverables are effectively addressed in
project management throughout the project life cycle.
3. Scope:
This can be applied to any type of project regardless of its complexity, size, duration, discipline or
application area (e.g., a project for a core business process, ICT, facility management or other
supporting processes)
4. Procedure:
1. The responsibility and authority at the different phases of the project are defined and
allocated to different roles.
2. Conduct Risk assessment of the project at the early stage and at different stages of the project
as it progresses.
3. Information security needs to be addressed at the early stage of the project.
4. The risk during Internal and external communication should be taken care while executing the
project.
5. Progress on information security risk treatment is reviewed and effectiveness of the treatment
is evaluated and tested.
Doc ID: ACPL-ISMS-C5.8 Version 1.0 Last Rev. Date: 01.12.2023 Page 2 of 3
This document is confidential and must not be shared or copied without written permission from
Aethereus Consulting. Please return or destroy upon request.
Information security in project Management Policy
7. Requirements mandated by other information security controls (e.g., interfaces to logging and
monitoring or data leakage detection systems)
8. Compliance with the legal, statutory, regulatory and contractual environment in which the
organization operates.
9. Level of confidence or assurance required for third parties to meet the organization’s
information security policy and topic-specific policies including relevant security clauses in any
agreements or contracts.
5. Revision History
Doc ID: ACPL-ISMS-C5.8 Version 1.0 Last Rev. Date: 01.12.2023 Page 3 of 3
This document is confidential and must not be shared or copied without written permission from
Aethereus Consulting. Please return or destroy upon request.