Welcome to Scribd!

Module 9 - 3 Security Certification Documentation

Uploaded by

sasanaravi2020

0% found this document useful (0 votes)

23 views11 pages

The document outlines standards and processes for security certification documentation at a university. It defines what a security certificate is and its purpose in establishing website identity and security. It states that all information security documents must follow university standards and procedures, and exceptions require approval. The security accreditation package that is assembled and submitted contains an approved system security plan, security assessment report, and plan of action and milestones. The package is prepared with inputs from various security officers and the information system owner is responsible for its assembly and submission.

Original Description:

Original Title

Module 9__ 3 Security Certification Documentation

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pptx, pdf, or txt

0% found this document useful (0 votes)

23 views11 pages

Module 9 - 3 Security Certification Documentation

Uploaded by

sasanaravi2020

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pptx, pdf, or txt

Jump to Page

You are on page 1of 11

Search inside document

SECURITY CERTIFICATION

DOCUMENTATION
What is a security certificate?

● A security certificate is a small data file used as an internet security

technique through which the identity,authenticity, and reliability of a website
or a web application is established.
● A security certificate is also known as digital certificate or Secure Socket
Layer(SSL) certificate.
● It is used as a means to provide the security level of a website to general
visitors,Internet service providers(ISP) and web servers.
Documentation Standards

● All information security documents developed must follow the procedures or

best practices of university information security (University of minnesota).
● Exceptions to this standard must be approved by university information
security(UIS).
● Non-Compliance with this standard must be reported to UIS.
Standard and Process
All information security documentation within the scope of this standard must contain:

1.Objective - The purpose of the document.

2.Scope - Identifies to whom and to what assets the standards and process apply.

3.The security accreditation package contains following documents:

1. Approved system security plan

2. Security assessment report
3. Plan of action and milestones.
Standard and process (cont.)
Security Accreditation Package

● The information system owner (ISO) is responsible for the assembly,

compilation and submission of the security accreditation package.
● ISO receives inputs from the information system security officer
(ISSO), certification agent (CA) and senior agency information security
officer (SAISO) during the preparation of the security accreditation
package.
Accreditation decision

● Security accreditation decision.

❏ Authorised to operate or
❏ Authorised to operate on an interim basis under strict terms and conditions or
❏ Not authorised to operate.
● Supporting rationale for the decision.
❏ Provides the Information system owner with the justification for the authorising
official’s decision.
● Terms and conditions for the authorization.
❏ Provides a description of any limitations or restrictions placed on the operation of
the information system that must be adhered to by the information system owner.
Standard and process (cont.)

4. Document Owner- ISO

5. Document Approver - authorising official or designated representative

6. Effective Date - The Date when document was implemented and enforced.

7. Last Reviewed Date - The date on which document was last reviewed for
changes, updates or document retirement.
Documents maintenance
● Current document owners must be updated or affirmed during routine
document maintenance.

● Document owner will determine how often the document requires routine
maintenance but however regular interval must not exceed 3 years from the
prior last reviewed date.
● The authorising official and senior agency information security officer also
retains the copies of the accreditation decision letter and package.
● The documents should be marked and protected appropriately in accordance
with agency policy and retained in accordance with the agency’s record
retention policy.
THANK YOU

City State Wise Laptop Dealers
Document90 pages
City State Wise Laptop Dealers
Aakash Ujjwal
No ratings yet
CISSP How To Pass Training
Document713 pages
CISSP How To Pass Training
Jose Rivera
No ratings yet
Vendor Risk Assessment v1.0: Instructions
Document2 pages
Vendor Risk Assessment v1.0: Instructions
mit global solutions
No ratings yet
Case-Study 1 SAP Hybris Technopolis
Document6 pages
Case-Study 1 SAP Hybris Technopolis
Raja Churchill Dass
No ratings yet
Microsoft Office 2010A Modern Approach - EInternational
Document590 pages
Microsoft Office 2010A Modern Approach - EInternational
Anonymous D430wlg
No ratings yet
Policy Making Nist 800-53
Document4 pages
Policy Making Nist 800-53
Aditya Narayan
No ratings yet
Document Name: A.5 Information Security Policies
Document3 pages
Document Name: A.5 Information Security Policies
Bhavana certvalue
No ratings yet
Unit-5 Info Secu
Document9 pages
Unit-5 Info Secu
workwithasr04
No ratings yet
Intertek GSV Final 2
Document44 pages
Intertek GSV Final 2
Nguyễn Tá Triệu
No ratings yet
Information Security Policy - Glomantech
Document3 pages
Information Security Policy - Glomantech
David Koirala
No ratings yet
Security Lo4-4
Document21 pages
Security Lo4-4
yuuloo
No ratings yet
Iso 17799
Document44 pages
Iso 17799
deltafx1
No ratings yet
Data Security Policy Data Security Policy
Document9 pages
Data Security Policy Data Security Policy
Abbas Ahmad
No ratings yet
USG Risk Assessment Checklist
Document7 pages
USG Risk Assessment Checklist
Shady Al-Seuri
No ratings yet
PCI-DSS Requirements Vs Security Controls
Document16 pages
PCI-DSS Requirements Vs Security Controls
Sherif_Salamh
No ratings yet
Data Backup and Restoration Procedure
Document4 pages
Data Backup and Restoration Procedure
Kier925
No ratings yet
Module 9-1 Certification
Document18 pages
Module 9-1 Certification
sasanaravi2020
No ratings yet
ADADA
Document9 pages
ADADA
Joseph Mghenja
No ratings yet
ISACA Guideline On CAATs PDF
Document4 pages
ISACA Guideline On CAATs PDF
ajaypatel007
No ratings yet
FALLSEM2022-23 CSE3501 ETH VL2022230103435 Reference Material I 19-10-2022 Lect 20
Document33 pages
FALLSEM2022-23 CSE3501 ETH VL2022230103435 Reference Material I 19-10-2022 Lect 20
Rajvansh Singh
No ratings yet
CERT-IN Auditor - Guidelines
Document6 pages
CERT-IN Auditor - Guidelines
Udit N. Sia
No ratings yet
mc4205 Unit V Cyber Security Unit 5
Document8 pages
mc4205 Unit V Cyber Security Unit 5
cajilajayareeta
No ratings yet
20info Systems Auditing
Document5 pages
20info Systems Auditing
zelestmary
No ratings yet
Physical Security Policy
Document7 pages
Physical Security Policy
Umang Meheta
No ratings yet
Itss 01
Document3 pages
Itss 01
strokenfilled
No ratings yet
ISO 27001 2022 Documentation Simplified Checklist and Guide
Document7 pages
ISO 27001 2022 Documentation Simplified Checklist and Guide
Mohd Rafi
No ratings yet
Backup & Recovery Poloy
Document7 pages
Backup & Recovery Poloy
Chitij Chauhan
No ratings yet
Web Hosting Policy
Document7 pages
Web Hosting Policy
Ateed Olaiya
No ratings yet
SOC 2 Information Security Policy - Secureframe
Document7 pages
SOC 2 Information Security Policy - Secureframe
ochedikwujonah
No ratings yet
UEU Jaminan Dan Kemanan Informasi Pertemuan 3
Document31 pages
UEU Jaminan Dan Kemanan Informasi Pertemuan 3
bangi
No ratings yet
Secure SDLC Consideration With NIST SP 800 64
Document27 pages
Secure SDLC Consideration With NIST SP 800 64
Javved
No ratings yet
Cert-In: IT Security Policy
Document13 pages
Cert-In: IT Security Policy
AFSungo
No ratings yet
Information Security Policy: 1. Purpose and Scope
Document10 pages
Information Security Policy: 1. Purpose and Scope
pranaylin@gmail.com
No ratings yet
Information Security Risk Assessment Checklist
Document7 pages
Information Security Risk Assessment Checklist
Adil Raza Siddiqui
No ratings yet
3 Certification and Accreditation Overview
Document7 pages
3 Certification and Accreditation Overview
tinku93
No ratings yet
10 - Logging and Monitoring Policy
Document6 pages
10 - Logging and Monitoring Policy
pentesting.443
No ratings yet
Asset Management Policy
Document11 pages
Asset Management Policy
Rahul Yadav
No ratings yet
IT Security Policy For BISE
Document7 pages
IT Security Policy For BISE
Nawal Safdar
No ratings yet
Auditor Guidelines
Document6 pages
Auditor Guidelines
Motivation skills
No ratings yet
TISAX Implementation Checklist
Document6 pages
TISAX Implementation Checklist
goran969
No ratings yet
Information Security Policy Template
Document7 pages
Information Security Policy Template
testuser.num
No ratings yet
10 - System Acquisition Development and Maintenance Security Standard v10
Document17 pages
10 - System Acquisition Development and Maintenance Security Standard v10
gemchis dawo
No ratings yet
The Structure of ISO 27001
Document11 pages
The Structure of ISO 27001
Mohammed Abdus Subhan
100% (1)
19 IT Program
Document65 pages
19 IT Program
Cahya Perdana
No ratings yet
Module 11 Maintaining InfoSec 211
Document57 pages
Module 11 Maintaining InfoSec 211
Umair Amjad
No ratings yet
Security Audit Course Project
Document6 pages
Security Audit Course Project
maryam
No ratings yet
Securing Data in The Cloud: Document Version 1.991 2012-06-26
Document8 pages
Securing Data in The Cloud: Document Version 1.991 2012-06-26
Kamarulzaman Sharif
No ratings yet
ISO27001 Server Security Best Practices Checklist
Document4 pages
ISO27001 Server Security Best Practices Checklist
fnky_by
No ratings yet
RISK ASSESSMENT FOR IT Template
Document8 pages
RISK ASSESSMENT FOR IT Template
jenito215402
No ratings yet
ABC SecPol
Document5 pages
ABC SecPol
Carlo Benganio
No ratings yet
Introduction ISMS ISO 27001 PDF
Document110 pages
Introduction ISMS ISO 27001 PDF
Suhendi SS
100% (1)
Sponsor Responsibility - Good Clinical Practice
Document55 pages
Sponsor Responsibility - Good Clinical Practice
aiphysician or btscompanybts is SCAMMER. Please refund and report to Shopee now. The only legit provider is thelightningstore(TLS)
No ratings yet
CyberintelSys VAPT Approach Paper
Document12 pages
CyberintelSys VAPT Approach Paper
vishweshmhegde
No ratings yet
Security Assessment and Authorization Policy
Document4 pages
Security Assessment and Authorization Policy
albert john olivera
No ratings yet
Auditing The Information Security Function Kevin Wheeler, CISSP
Document29 pages
Auditing The Information Security Function Kevin Wheeler, CISSP
Envisage123
No ratings yet
Information Assurance Policy
Document2 pages
Information Assurance Policy
Abhijeet Singh
No ratings yet
Categorization: Categorize The Information System
Document22 pages
Categorization: Categorize The Information System
TK
No ratings yet
User Access Management
Document10 pages
User Access Management
Umang Meheta
No ratings yet
CHAPTER 2.1 - 2.2 - Security Policies - Procedures - SHORT SEM 2021
Document27 pages
CHAPTER 2.1 - 2.2 - Security Policies - Procedures - SHORT SEM 2021
Firdaus
No ratings yet
Information Security: Imtiaz Hussain
Document12 pages
Information Security: Imtiaz Hussain
Ali Hussnain
No ratings yet
IS Auditor - Process of Auditing: Information Systems Auditor, #1
From Everand
IS Auditor - Process of Auditing: Information Systems Auditor, #1
Selwyn Classen
No ratings yet
The Chartered Cyber Security Officer
From Everand
The Chartered Cyber Security Officer
Dr. Zulk Shamsuddin
Rating: 5 out of 5 stars
5/5 (1)
ISO27001:2013 Assessments Without Tears
From Everand
ISO27001:2013 Assessments Without Tears
Steve Watkins
Rating: 3 out of 5 stars
3/5 (3)
6
Document2 pages
6
sasanaravi2020
No ratings yet
7
Document1 page
7
sasanaravi2020
No ratings yet
Module 3
Document31 pages
Module 3
sasanaravi2020
No ratings yet
Identification and Solving of Simple Real Life or Scientific or Technical Problems
Document1 page
Identification and Solving of Simple Real Life or Scientific or Technical Problems
sasanaravi2020
No ratings yet
Simple Python Program Implementation Using Operators
Document2 pages
Simple Python Program Implementation Using Operators
sasanaravi2020
No ratings yet
Python Programming Using Simple Statements and Expressions
Document5 pages
Python Programming Using Simple Statements and Expressions
sasanaravi2020
No ratings yet
Module 9-1 Certification
Document18 pages
Module 9-1 Certification
sasanaravi2020
No ratings yet
Module 9-2 Cont - Monitoring
Document12 pages
Module 9-2 Cont - Monitoring
sasanaravi2020
No ratings yet
Module 9 - 3 Accrediation
Document16 pages
Module 9 - 3 Accrediation
sasanaravi2020
No ratings yet
Module 7 1 Authentiation Password
Document31 pages
Module 7 1 Authentiation Password
sasanaravi2020
No ratings yet
2 Security Attacks
Document37 pages
2 Security Attacks
sasanaravi2020
No ratings yet
Module 1
Document49 pages
Module 1
sasanaravi2020
No ratings yet
Project Sample
Document84 pages
Project Sample
se.vellingiri1979
No ratings yet
Telecommunications: What Is Telecommunication?
Document11 pages
Telecommunications: What Is Telecommunication?
Rudel Farhat Laguialam Maliga
No ratings yet
Syllabus
Document2 pages
Syllabus
porseena
No ratings yet
Algorithm Basic
Document23 pages
Algorithm Basic
AARON ALEX X
No ratings yet
Case Tools Notes
Document2 pages
Case Tools Notes
Ashish Jhanwar
100% (1)
PersonDB - SQLite Example Using Entity Framework 5
Document26 pages
PersonDB - SQLite Example Using Entity Framework 5
Jales Jaque
No ratings yet
Pci Evidence Reference v1
Document192 pages
Pci Evidence Reference v1
mani karthik
No ratings yet
1750 - Cucm Upgrade Best Practices - Kogribak PDF
Document60 pages
1750 - Cucm Upgrade Best Practices - Kogribak PDF
Артем
No ratings yet
Internship
Document20 pages
Internship
Pallavi Pallu
No ratings yet
Existing System: Feasible Solution
Document4 pages
Existing System: Feasible Solution
jhanufujale
No ratings yet
Google Cloud Data Engineering Course - GCP Data Engineer Training in Hyderabad
Document11 pages
Google Cloud Data Engineering Course - GCP Data Engineer Training in Hyderabad
siva.visualpath
No ratings yet
Market Basket Analysisv4.0 PDF
Document31 pages
Market Basket Analysisv4.0 PDF
Bidof Vic
No ratings yet
Taipei GEAF Miniset
Document22 pages
Taipei GEAF Miniset
Philip Zheng
No ratings yet
BSC Bca 2 Sem Object Oriented Programming Using CPP 20101289 Nov 2020
Document2 pages
BSC Bca 2 Sem Object Oriented Programming Using CPP 20101289 Nov 2020
partheevpa
No ratings yet
SAP BPC NW 10 - Sample Security Matrix
Document83 pages
SAP BPC NW 10 - Sample Security Matrix
Oluwaseyi Obabiyi
No ratings yet
Chandeep SAP FioriResume
Document5 pages
Chandeep SAP FioriResume
chandeep
No ratings yet
5CI022 Task 02 (2057112)
Document8 pages
5CI022 Task 02 (2057112)
Dulmi Mendis
No ratings yet
Exam
Document10 pages
Exam
ScribdTranslations
No ratings yet
CIS KentA - Lindayen.bsa4 2
Document2 pages
CIS KentA - Lindayen.bsa4 2
Michael Olmedo Nene
No ratings yet
Assessment Backend Java
Document3 pages
Assessment Backend Java
somendumaiti
No ratings yet
It 301 Prelim Exam
Document4 pages
It 301 Prelim Exam
anon_325042532
50% (2)
Custom Code Migrate
Document82 pages
Custom Code Migrate
Adaikalam Alexander Rayappa
100% (1)
Structured Query Language - The Basics: by Ved Prakash
Document29 pages
Structured Query Language - The Basics: by Ved Prakash
Ved Shilpy
No ratings yet
Cyber Security Brochure
Document6 pages
Cyber Security Brochure
er.alok18
No ratings yet
Best Free Antivirus For Windows 10
Document10 pages
Best Free Antivirus For Windows 10
Kirtan Dave
No ratings yet
Week 3 - Database - 2021 T1
Document33 pages
Week 3 - Database - 2021 T1
Odria Arshiana
No ratings yet
Oracle Eloqua AppCloud Developer Framework
Document85 pages
Oracle Eloqua AppCloud Developer Framework
Rabindra P.Singh
No ratings yet