Upload
ingersoll78
View
219
Download
0
Embed Size (px)
Citation preview
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 1/22
5 Game.gif
6 Game.gif
7 Game.gif
8 Game.gif
9 Game.gif
10 Game.gif
11 Game.gif 12 Game.gif
13 Game.gif
14 Game.gif
15 Game.gif
16 Game.gif
17 Game.gif
18 Game.gif
Game.gif
Game.gif
A.6.2.2
A.6.2.3
A.7
A.7.1
A.7.1.1
A.7.1.2
A.7.1.3
A.7.2
A.7.2.1
A.7.2.2
A.8
A.8.1
A.8.1.1
A.8.1.2
A.8.1.3
A.8.2
A.8.2.1
A.8.2.2
A.8.2.3
A.8.3
A.8.3.1A.8.3.2
A.8.3.3
A.9
A.9.1
A.9.1.1
A.9.1.2
A.9.1.3
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 2/22
A.9.1.4
A.9.1.5
A.9.1.6
A.9.2
A.9.2.1
A.9.2.2
A.9.2.3A.9.2.4
A.9.2.5
A.9.2.6
A.9.2.7
A.10
A.10.1
A.10.1.1
A.10.1.2
A.10.1.3
A.10.1.4A.10.2
A.10.2.1
A.10.2.2
A.10.2.3
A.10.3
A.10.3.1
A.10.3.2
A.10.4
A.10.4.1
A.10.4.2
A.10.5
A.10.5.1
A.10.6
A.10.6.1
A.10.6.2
A.10.7
A.10.7.1
A.10.7.2
A.10.7.3
A.10.7.4
A.10.8
A.10.8.1
A.10.8.2
A.10.8.3
A.10.8.4
A.10.9
A.10.9.1
A.10.9.2
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 3/22
A.10.9.3
A.10.9.4
A.10.10
A.11.2.1
A.11.2.2
A.11.2.3
A.11.2.4
A.11.3
A.11.3.1
A.11.3.2
A.11.3.3
A.11.4
A.11.4.1
A.11.4.2
A.11.4.3
A.11.4.4
A.11.4.5A.11.4.6
A.11.4.7
A.11.5
A.11.5.1
A.11.5.2
A.11.5.3
A.11.5.4
A.11.5.5
A.11.5.6
A.11.6A.11.6.1
A.11.6.2
A.11.7
A.11.7.1
A.11.7.2
A.12
A.12.1
A.12.1.1
A.10.10.1 A.10.10.2 A.10.10.3 A.10.10.4 A.10.10.5 A.10.10.6 A.11 A.11.1 A.11.1.1 A.11.2
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 4/22
A.12.2
A.12.2.1
A.15.1.4
A.12.2.4
A.12.3
A.12.4
A.12.5
A.12.6
A.12.2.2
A.12.3.1 A.12.3.2 A.12.4.1 A.12.4.2 A.12.4.3 A.12.5.1 A.12.5.2 A.12.5.3 A.12.5.4 A.12.5.5 A.12.6.1 A.13 A.13.1 A.13.1.1 A.13.1.2 A.13.2 A.13.2.1 A.13.2.2 A.13.2.3 A.14 A.14.1 A.14.1.1 A.14.1.2 A.14.1.3 A.14.1.4
A.14.1.5 A.15 A.15.1 A.15.1.1 A.15.1.2 A.15.1.3 A.15.1.4 A.15.1.5 A.15.1.6
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 5/22
A.15.2 A.15.2.1 A.15.2.2 A.15.3 A.15.3.1 A.15.3.2
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 6/22
Security policy
Information security policy
Information security policy document
Review of the information security policy
Organization of information security
Internal Organization
Management commitment to information security
Information security coordination
Allocation of information security responsibilities
Authorization process for information processing facilities
Confidentiality agreements
Contact with authorities
Contact with special interest groups
Independent review of information security
External Parties
Identification of risks related to external parties
Addressing security when dealing with customers
Addressing security in third party agreements
Asset Management
Responsibility of Assets
Inventory of assets
Ownership of assets
Acceptable use of assets
Information Classification
Classification guidelines
Information labeling and handling
Human resource security
Prior to employment
Roles and responsibilities
Screening
Terms and conditions
During employment
Management responsibility
Information systems training education and awareness
Disciplinary Process
Termination or change of employment
Termination responsibilitiesReturn of assets
Removal of assess rights
Physical and environmental security
Secure areas
Physical security perimeter
Physical entry controls
Securing offices, rooms and facilities
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 7/22
Protection against external and environmental threats
Working in secure areas
Public access delivery and loading
Equipment Security
Equipment sitting and protection
support utilities
Cabling securityEquipment maintenance
Equipment in offsite premises
Secure disposal and reuse of equipment
Removal of property
Communication and operations management
Operating Procedure and responsibilities
Documented operating procedure
Change management
Segregation of duties
Separation of development test and operational facilities Third Party service delivery management
Service delivery
Monitoring and review of third party services
Managing Changes to third party services
System planning and Acceptance
Capacity management
System Acceptance
Protection against malicious and mobile code
Controls against malicious code
Controls against mobile code
Back up
Information Back up
Network security management
Network controls
Securing Network Services
Media handling
Management of removable media
Disposal of media
Information handling procedures
Security in system documentation
Exchange of Information
Information exchange Policies Procedures
Exchange agreements
Physical media during transit
Electronic messaging service
Electronic Commerce service
Electronic commerce
Online transactions
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 8/22
Publically available information
Protection against external and environmental threats
Monitoring
Audit logging
Monitoring system use
Protection of log information
Administrator and operator log
Faulty Logging
Clock Synchronization
Access Control
Business Requirement for access Control
Access control policy
User access management
User registration
Privileged management
Password management
Review of access rights
User responsibilities
Password use
Unattended user equipment
Clear desk and clear screen policy
Network access control
Policy on use of network controls
User authentication for external connections
Equipment identification in networks
Remote diagnostic and configuration port protection
Segregation in networksNetwork connection control
Network routing control
Operating system access control
Secure log on procedure
User identification and authentication
Password management system
Use of system utilities
Session time out
Limitation of connection time
Application and information access controlInformation Access restriction
Sensitive system isolation
Mobile computing and teleworking
Mobile computing and communication
Teleworking
Information System Acquisition, Development and Maintenance
Security requirements
Security requirements analysis and specification
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 9/22
Correct processing in application
Input Data Validation
Control of internal processing
Data Protection and Privacy of personal information
Output data validation
Cryptographic controls
Policy on use of cryptographic controlsKey management
Security of system files
Control of operational Software
Protection of system test
Access control to program source code
Security in development and support process
Change Control Procedure
Technical Review of application after operating System changes
Restrictions on changes to software Packages
Information Leakage
Outsourced software development
Technical vulnerability management
Control of technical vulnerability
Information security Incident management
Reporting Information security events and weakness
Reporting Information security events
Reporting information security weakness
Management of information security incidents and improvements
Responsibilities and procedures
Learning from information security incidents
Collection of evidence
Business continuity management
Information security aspects of business continuity management
Including information security in the BCM Process
Business continuity and risk assessment
Developing and implementing continuity plan including information securit
BCP Framework
Testing maintaining and reassessing of BCP
Compliance
Compliance with legal requirements
Identification of Applicable legislations
Intellectual property rights (IPR)
Protection of organizational records
Data Protection and Privacy of personal information
Prevention and misuse of information processing facilities
Regulation of cryptographic controls
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 10/22
compliance with security policy and standards and technical compliance
Compliance with security Policy and standards
Technical compliance checking
Information system audit considerations
Information system audit controls
Protection of information systems audit tools
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 11/22
insert into game_gallery (comp_proc_desc) values ('Game.gif Security policy');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Information security policy
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Information security policy
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Review of the information s
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Organization of information
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Internal Organization');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Management commitment t
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Information security coordin
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Allocation of information se
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Authorization process for in
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Confidentiality agreements
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Contact with authorities');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Contact with special interes
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Independent review of infor
insert into master_comp_proc (comp_proc_desc) values ('Game.gif External Parties');
insert into master_comp_proc (comp_proc_desc) values ('Game.gif Identification of risks relate
insert into master_comp_proc (comp_proc_desc) values ('A.6.2.2 Addressing security when dea
insert into master_comp_proc (comp_proc_desc) values ('A.6.2.3 Addressing security in third p
insert into master_comp_proc (comp_proc_desc) values ('A.7 Asset Management');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1 Responsibility of Assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1.1 Inventory of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1.2 Ownership of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.1.3 Acceptable use of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.7.2 Information Classification');
insert into master_comp_proc (comp_proc_desc) values ('A.7.2.1 Classification guidelines');
insert into master_comp_proc (comp_proc_desc) values ('A.7.2.2 Information labeling and hand
insert into master_comp_proc (comp_proc_desc) values ('A.8 Human resource security');insert into master_comp_proc (comp_proc_desc) values ('A.8.1 Prior to employment');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1.1 Roles and responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1.2 Screening');
insert into master_comp_proc (comp_proc_desc) values ('A.8.1.3 Terms and conditions');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2 During employment');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2.1 Management responsibility');
insert into master_comp_proc (comp_proc_desc) values ('A.8.2.2 Information systems training
insert into master_comp_proc (comp_proc_desc) values ('A.8.2.3 Disciplinary Process');
insert into master_comp_proc (comp_proc_desc) values ('A.8.3 Termination or change of emplo
insert into master_comp_proc (comp_proc_desc) values ('A.8.3.1 Termination responsibilities');insert into master_comp_proc (comp_proc_desc) values ('A.8.3.2 Return of assets');
insert into master_comp_proc (comp_proc_desc) values ('A.8.3.3 Removal of assess rights');
insert into master_comp_proc (comp_proc_desc) values ('A.9 Physical and environmental secu
insert into master_comp_proc (comp_proc_desc) values ('A.9.1 Secure areas');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.1 Physical security perimeter');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.2 Physical entry controls');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.3 Securing offices, rooms and fa
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 12/22
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.4 Protection against external an
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.5 Working in secure areas');
insert into master_comp_proc (comp_proc_desc) values ('A.9.1.6 Public access delivery and loa
insert into master_comp_proc (comp_proc_desc) values ('A.9.2 Equipment Security');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.1 Equipment sitting and protect
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.2 support utilities');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.3 Cabling security');insert into master_comp_proc (comp_proc_desc) values ('A.9.2.4 Equipment maintenance');
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.5 Equipment in offsite premises
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.6 Secure disposal and reuse of
insert into master_comp_proc (comp_proc_desc) values ('A.9.2.7 Removal of property');
insert into master_comp_proc (comp_proc_desc) values ('A.10 Communication and operations
insert into master_comp_proc (comp_proc_desc) values ('A.10.1 Operating Procedure and resp
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.1 Documented operating proc
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.2 Change management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.3 Segregation of duties');
insert into master_comp_proc (comp_proc_desc) values ('A.10.1.4 Separation of development tinsert into master_comp_proc (comp_proc_desc) values ('A.10.2 Third Party service delivery m
insert into master_comp_proc (comp_proc_desc) values ('A.10.2.1 Service delivery');
insert into master_comp_proc (comp_proc_desc) values ('A.10.2.2 Monitoring and review of thi
insert into master_comp_proc (comp_proc_desc) values ('A.10.2.3 Managing Changes to third p
insert into master_comp_proc (comp_proc_desc) values ('A.10.3 System planning and Accepta
insert into master_comp_proc (comp_proc_desc) values ('A.10.3.1 Capacity management');
insert into master_comp_proc (comp_proc_desc) values ('A.10.3.2 System Acceptance');
insert into master_comp_proc (comp_proc_desc) values ('A.10.4 Protection against malicious a
insert into master_comp_proc (comp_proc_desc) values ('A.10.4.1 Controls against malicious c
insert into master_comp_proc (comp_proc_desc) values ('A.10.4.2 Controls against mobile code
insert into master_comp_proc (comp_proc_desc) values ('A.10.5 Back up');
insert into master_comp_proc (comp_proc_desc) values ('A.10.5.1 Information Back up');
insert into master_comp_proc (comp_proc_desc) values ('A.10.6 Network security managemen
insert into master_comp_proc (comp_proc_desc) values ('A.10.6.1 Network controls');
insert into master_comp_proc (comp_proc_desc) values ('A.10.6.2 Securing Network Services')
insert into master_comp_proc (comp_proc_desc) values ('A.10.7 Media handling');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.1 Management of removable m
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.2 Disposal of media');
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.3 Information handling proced
insert into master_comp_proc (comp_proc_desc) values ('A.10.7.4 Security in system documen
insert into master_comp_proc (comp_proc_desc) values ('A.10.8 Exchange of Information');insert into master_comp_proc (comp_proc_desc) values ('A.10.8.1 Information exchange Policie
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.2 Exchange agreements');
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.3 Physical media during trans
insert into master_comp_proc (comp_proc_desc) values ('A.10.8.4 Electronic messaging service
insert into master_comp_proc (comp_proc_desc) values ('A.10.9 Electronic Commerce service')
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.1 Electronic commerce');
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.2 Online transactions');
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 13/22
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.3 Publically available informat
insert into master_comp_proc (comp_proc_desc) values ('A.10.9.4 Protection against external a
insert into master_comp_proc (comp_proc_desc) values ('A.10.10 Monitoring');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.1 Audit logging');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.2 Monitoring system use');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.3 Protection of log informati
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.4 Administrator and operatoinsert into master_comp_proc (comp_proc_desc) values ('A.10.10.5 Faulty Logging');
insert into master_comp_proc (comp_proc_desc) values ('A.10.10.6 Clock Synchronization');
insert into master_comp_proc (comp_proc_desc) values ('A.11 Access Control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.1 Business Requirement for acc
insert into master_comp_proc (comp_proc_desc) values ('A.11.1.1 Access control policy');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2 User access management');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.1 User registration');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.2 Privileged management');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.3 Password management');
insert into master_comp_proc (comp_proc_desc) values ('A.11.2.4 Review of access rights');insert into master_comp_proc (comp_proc_desc) values ('A.11.3 User responsibilities');
insert into master_comp_proc (comp_proc_desc) values ('A.11.3.1 Password use');
insert into master_comp_proc (comp_proc_desc) values ('A.11.3.2 Unattended user equipment
insert into master_comp_proc (comp_proc_desc) values ('A.11.3.3 Clear desk and clear screen
insert into master_comp_proc (comp_proc_desc) values ('A.11.4 Network access control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.1 Policy on use of network con
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.2 User authentication for exte
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.3 Equipment identification in n
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.4 Remote diagnostic and conf
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.5 Segregation in networks');insert into master_comp_proc (comp_proc_desc) values ('A.11.4.6 Network connection control'
insert into master_comp_proc (comp_proc_desc) values ('A.11.4.7 Network routing control');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5 Operating system access cont
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.1 Secure log on procedure');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.2 User identification and authe
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.3 Password management syst
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.4 Use of system utilities');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.5 Session time out');
insert into master_comp_proc (comp_proc_desc) values ('A.11.5.6 Limitation of connection tim
insert into master_comp_proc (comp_proc_desc) values ('A.11.6 Application and information acinsert into master_comp_proc (comp_proc_desc) values ('A.11.6.1 Information Access restrictio
insert into master_comp_proc (comp_proc_desc) values ('A.11.6.2 Sensitive system isolation');
insert into master_comp_proc (comp_proc_desc) values ('A.11.7 Mobile computing and telewor
insert into master_comp_proc (comp_proc_desc) values ('A.11.7.1 Mobile computing and comm
insert into master_comp_proc (comp_proc_desc) values ('A.11.7.2 Teleworking');
insert into master_comp_proc (comp_proc_desc) values ('A.12 Information System Acquisition
insert into master_comp_proc (comp_proc_desc) values ('A.12.1 Security requirements');
insert into master_comp_proc (comp_proc_desc) values ('A.12.1.1 Security requirements analy
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 14/22
insert into master_comp_proc (comp_proc_desc) values ('A.12.2 Correct processing in applicat
insert into master_comp_proc (comp_proc_desc) values ('A.12.2.1 Input Data Validation');
insert into master_comp_proc (comp_proc_desc) values ('A.12.2.2 Control of internal processin
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.4 Data Protection and Privacy
insert into master_comp_proc (comp_proc_desc) values ('A.12.2.4 Output data validation');
insert into master_comp_proc (comp_proc_desc) values ('A.12.3 Cryptographic controls');
insert into master_comp_proc (comp_proc_desc) values ('A.12.3.1 Policy on use of cryptograpinsert into master_comp_proc (comp_proc_desc) values ('A.12.3.2 Key management');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4 Security of system files');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4.1 Control of operational Softw
insert into master_comp_proc (comp_proc_desc) values ('A.12.4.2 Protection of system test');
insert into master_comp_proc (comp_proc_desc) values ('A.12.4.3 Access control to program s
insert into master_comp_proc (comp_proc_desc) values ('A.12.5 Security in development and
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.1 Change Control Procedure')
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.2 Technical Review of applica
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.3 Restrictions on changes to
insert into master_comp_proc (comp_proc_desc) values ('A.12.5.4 Information Leakage');insert into master_comp_proc (comp_proc_desc) values ('A.12.5.5 Outsourced software develo
insert into master_comp_proc (comp_proc_desc) values ('A.12.6 Technical vulnerability manag
insert into master_comp_proc (comp_proc_desc) values ('A.12.6.1 Control of technical vulnera
insert into master_comp_proc (comp_proc_desc) values ('A.13 Information security Incident m
insert into master_comp_proc (comp_proc_desc) values ('A.13.1 Reporting Information securit
insert into master_comp_proc (comp_proc_desc) values ('A.13.1.1 Reporting Information secu
insert into master_comp_proc (comp_proc_desc) values ('A.13.1.2 Reporting information secu
insert into master_comp_proc (comp_proc_desc) values ('A.13.2 Management of information s
insert into master_comp_proc (comp_proc_desc) values ('A.13.2.1 Responsibilities and proced
insert into master_comp_proc (comp_proc_desc) values ('A.13.2.2 Learning from information s
insert into master_comp_proc (comp_proc_desc) values ('A.13.2.3 Collection of evidence');
insert into master_comp_proc (comp_proc_desc) values ('A.14 Business continuity manageme
insert into master_comp_proc (comp_proc_desc) values ('A.14.1 Information security aspects
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.1 Including information secur
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.2 Business continuity and risk
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.3 Developing and implement
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.4 BCP Framework');
insert into master_comp_proc (comp_proc_desc) values ('A.14.1.5 Testing maintaining and rea
insert into master_comp_proc (comp_proc_desc) values ('A.15 Compliance');
insert into master_comp_proc (comp_proc_desc) values ('A.15.1 Compliance with legal require
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.1 Identification of Applicable
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.2 Intellectual property rights
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.3 Protection of organizational
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.4 Data Protection and Privacy
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.5 Prevention and misuse of in
insert into master_comp_proc (comp_proc_desc) values ('A.15.1.6 Regulation of cryptographic
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 15/22
insert into master_comp_proc (comp_proc_desc) values ('A.15.2 compliance with security poli
insert into master_comp_proc (comp_proc_desc) values ('A.15.2.1 Compliance with security Po
insert into master_comp_proc (comp_proc_desc) values ('A.15.2.2 Technical compliance check
insert into master_comp_proc (comp_proc_desc) values ('A.15.3 Information system audit con
insert into master_comp_proc (comp_proc_desc) values ('A.15.3.1 Information system audit co
insert into master_comp_proc (comp_proc_desc) values ('A.15.3.2 Protection of information sy
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 16/22
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 17/22
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 18/22
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 19/22
;
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 20/22
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 21/22
Normal
Abnormal
Emergency
Legal requirement
Interested party concern
8/8/2019 Query Process
http://slidepdf.com/reader/full/query-process 22/22
insert into master_comp_proc (comp_proc_desc) values ('Normal');
insert into master_comp_proc (comp_proc_desc) values ('Abnormal');
insert into master_comp_proc (comp_proc_desc) values ('Emergency');
insert into master_comp_proc (comp_proc_desc) values ('Legal requirement');
insert into master_comp_proc (comp_proc_desc) values ('Interested party concern');