Dubai Islamic Bank Essay


The paper “Information Security Policy Framework” focuses on the strategy and roles for implementing security policy in “Dubai Islamic Bank”. Information security has become an important aspect for financial institutions, especially for a bank, in order to protect critical information resources. The importance of this fact needs to be clearly highlighted so that adequate measures can be implemented to ensure that an acceptable level of security is in place at the systems and network level.

The policy also addresses the password security guidelines for effective management of passwords associated with user and administrative profiles, network devices and other specialised peripheral devices associated with the infrastructure. Responsibility of the employees: The information security policy should be completely read and its importance should be understood. In case of any queries, write a letter to the concerned department head. Keep corporate information confidential; don't share this information with people outside DIB.


Maintain the confidentiality of your password. Only you are accountable for all the activities associated with your profile. Be observant: look for suspicious activities in your area and report them to your manager for disciplinary actions. It is the responsibility of every individual to comply with this policy. Non-compliance may result in disciplinary action. Components of security policy: The major components of security policy are: risk analysis – identification of critical assets; risk management – protection of identified assets.

The objective is to make sure that employees of the bank know their roles and responsibilities in the protection of information assets and to emphasise the importance of having secured communication. Risk analysis – critical business applications: As all functions of DIB are automated, downtime of any system has a direct implication for efficiency and working. Some systems are mission critical as they impact customers directly. Mission-critical applications are listed as follows, in order of priority: core banking application; electronic messaging.

Risk management: Risk management is the process of identifying potential threats. Protection of information resources: Information resources, including customer information or other critical system parameters, should be protected from accidental or intentional modification or disclosure. This includes loss of information physically and logically. Information should be classified by the business owners according to the level of risk associated with it. Once the information is classified, appropriate controls should be implemented to protect it.

Internet security: Internet access would be granted to users for business purposes only. Paper information security: Confidential information such as account statements, reports, ledgers or customer-related information, security policy, corporate policy and procedure etc. should be retained in a secure and locked cabinet. Information such as software licence or maintenance agreements, or information that is highly confidential, should be kept securely in a safe or fireproof cabinet with the combination lock enabled. Never leave your desk unattended for long hours.

While dispatching memos / letters internally, they should be marked as “Confidential” with the recipient name and reference and should be sealed in an envelope. Information security administration: The information technology division reserves the right to assign or revoke user permissions based on approved requests and to conduct entitlement reviews. A security officer should be assigned to carry out this task in segregation. The security officer is not involved in performing any transactions that conflict with the security administration function.

The security officer is required to review security audit logs and exception handling reports, and to document any unusual or suspicious activity. Compliance: Dubai Islamic Bank branches and corporate office divisions are required to ensure compliance as per the rules and guidelines mentioned in the security policy. Divisional heads should have a formal documented process to conduct self-assessment on a semi-annual basis. These results should be communicated to the risk management team for mitigation activities.

The audit and implementation division should refer to the security policy while conducting internal audits of branches / divisions. The system and operations division should ensure compliance for all the functional unit areas of Dubai Islamic Bank, and conduct self-assessment and periodic checks that regulatory and central bank requirements are being adhered to. A process should be in place to make sure that whenever a new project is launched, the concerned division will ensure and verify that security controls are implemented at the initial phase of the project.

The human resource division includes a security awareness program as an integral part of training. The IT quality assurance and compliance manager will ensure compliance with this policy for all systems and technology-related platforms. Self-assessments and reviews will be conducted to validate that relevant processes are in place. This unit will also circulate letters to create awareness among users to follow the security policy and abide by the rules and regulations as defined. In case of any incident or malicious or fraudulent activity, inform your respective manager and the divisional head IT for further investigation.

Social engineering: Social engineering is the human act of breaking security. Users should be careful while talking within and outside the organisation. Information security can be violated very easily, or may fail, if an employee gives away confidential information, whether intentionally or unintentionally. Employees should be careful while talking on the telephone and answering questions from an unknown recipient, or replying to an unknown e-mail message. If a user is not sure whether to answer such a question, he/she should consult the line manager. Information sharing:

Confidentiality of information should be maintained. Information such as PIN codes, TPINs, passwords, customers' financial statements, the bank's budgetary statements and cash positions is all treated as confidential information and should not be shared among employees. Avoid reading confidential documentation in a public area. The classification of information as confidential or public / shared should be done by information owners. Information that is required to be shared can be circulated in the form of a letter or policy document, or can be uploaded on the internet.

Access rights should be implemented so that unauthorised people do not go through information that is meant for specific people. Employees can share information only if they have a valid business reason. Installation of software applications: Applications / software installed on corporate systems should be licensed. Unlicensed software should not be installed on any system. All software installations would be carried out by the IT support staff, ensuring first that the said software fulfils the obligations of software licensing.

For third-party software installations, the IT support staff would accompany such individuals, with prior scheduling and a review of all hardware requirements and post-implementation impacts. Users would be restricted from downloading and installing software, freeware and shareware, or evaluation copies of software on corporate laptops / workstations. Doing so increases the chance of installing a virus or Trojan, thus compromising critical corporate resources. Only standard corporate software on the approved list should be installed and accessed.

In case there is a need to install an application other than approved software, a deviation should be filed and approved by the divisional head IT, with subsequent approvals from the group head IT. Users are not allowed to download and install flashy screen savers and desktop backgrounds; only Windows default settings should be used. Use of external media: Domain recipients are not allowed to connect a personal laptop or workstation to the DIB network. Only corporate equipment should be connected to the corporate network. Any such attempt would be taken up as an attempt to undermine the network.

Use of removable media such as floppy disks, CDs, DVDs, flash drives via USB port or any other external media on the DIB domain is strictly prohibited. In case there is any business requirement, the same may be forwarded to the information technology division for scanning and uploading of the document in a shared folder with restricted access rights. Use of modems of any sort on corporate workstations / laptops and dialling out via the internet over the corporate network is strictly prohibited. Should there be business requirements to do so, the said workstation would NOT be allowed to connect to the corporate network.
