iFour ConsultancyISO 27001 Control A.7.2 During Employment
ASP.NET software companies India http://www.ifourtechnolab.com1
A.7.2.1 Management Responsibilities
Application of Information Security
Policies and Procedures of the Organization
Data Protection Policies
Anti Money Laundering Policies
ASP.NET software companies India
http://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com2
Sample Data Protection PolicyData Controller
Data Protection Officer
Users
Personal Information
Sensitive Data
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com3
Sample Anti Money Laundering PolicyReject assets that are known or suspected to be the proceeds of criminal activity
Exit from business relationships with individuals or entities known or suspected to be a terrorist or a criminal organisation or member of such or listed on sanction lists
Dont maintain anonymous accounts, accounts for banks or pay-through accounts
Dont enter into relationships with clients from Special Risk Countries
Dont enter into relationships with clients operating in prohibited industries
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com4
A.7.2.2 Information Security Awareness, Education and TrainingAwareness through Education and Training
Regular Updates in Policies and Procedures
Relevance for job function
Fraud Awareness
Anti Bribery Education
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com5
Sample Fraud Awareness Training
Theft
Payroll fraud
False Expense Reimbursements
False invoicing
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com6
Sample Anti Bribery Education
Understanding and recognising bribery and corruption
Penalties
Key risk areas
Employee responsibility and how to raise a concern
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com7
A.7.2.3 Disciplinary Process
Formal and communicated disciplinary process
Proper implementation of disciplinary process
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com8
Sample Disciplinary Process
PrinciplesInformal DiscussionsVerbal WarningWritten WarningFinal Written WarningGross MisconductRight to Appeal
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com9
References
ASP.NET software companies India
https://www.dlapiperdataprotection.com/#handbook/data-protection-officers-section/c1_INhttps://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&sqi=2&ved=0ahUKEwjDrKPs2J_MAhWF5qYKHXElDFUQFgg4MAM&url=http%3A%2F%2Fwww.harrisvs.org.uk%2Fhome_htm_files%2FData%2520Protection%2520Policy%2520Model%25202013.doc&usg=AFQjCNH-258MmJ9tK5Nr0CW7TTRXpgvokA&bvm=bv.119745492,d.dGY&cad=rjahttps://www.rbi.org.in/scripts/BS_ViewMasCirculardetails.aspx?id=8168https://www.ncjrs.gov/fraudawareness/
http://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com10
References Continued..
ASP.NET software companies India
http://www.ey.com/IN/en/Services/Assurance/Fraud-Investigation---Dispute-Services/FIDS---A-step-towards-anti-bribery-and-corruptionhttp://www.smith.williamson.co.uk/anti-bribery-corruption-policyhttps://www.google.co.in/search?q=sample+disciplinary+process&ie=utf-8&oe=utf-8&gws_rd=cr&ei=7cMYV8fYGYXSmwWoqZigCghttps://www.db.com/en/media/Deutsche_Bank_Group_-_Anti_Money_Laundering_Policy.pdfhttp://www.utsystem.edu/cont/Training/FraudAwareness2014.pdf
http://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com11
Thanks
ASP.NET software companies India
ASP.NET software companies India http://www.ifourtechnolab.com12