iFour ConsultancyISO 27001 Control A.7.2 During Employment

ASP.NET software companies India http://www.ifourtechnolab.com1

A.7.2.1 Management Responsibilities

Application of Information Security

Policies and Procedures of the Organization

Data Protection Policies

Anti Money Laundering Policies

ASP.NET software companies India

http://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com2

Sample Data Protection PolicyData Controller

Data Protection Officer

Users

Personal Information

Sensitive Data

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com3

Sample Anti Money Laundering PolicyReject assets that are known or suspected to be the proceeds of criminal activity

Exit from business relationships with individuals or entities known or suspected to be a terrorist or a criminal organisation or member of such or listed on sanction lists

Dont maintain anonymous accounts, accounts for banks or pay-through accounts

Dont enter into relationships with clients from Special Risk Countries

Dont enter into relationships with clients operating in prohibited industries

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com4

A.7.2.2 Information Security Awareness, Education and TrainingAwareness through Education and Training

Regular Updates in Policies and Procedures

Relevance for job function

Fraud Awareness

Anti Bribery Education

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com5

Sample Fraud Awareness Training

Theft

Payroll fraud

False Expense Reimbursements

False invoicing

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com6

Sample Anti Bribery Education

Understanding and recognising bribery and corruption

Penalties

Key risk areas

Employee responsibility and how to raise a concern

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com7

A.7.2.3 Disciplinary Process

Formal and communicated disciplinary process

Proper implementation of disciplinary process

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com8

Sample Disciplinary Process

PrinciplesInformal DiscussionsVerbal WarningWritten WarningFinal Written WarningGross MisconductRight to Appeal

ASP.NET software companies Indiahttp://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com9

References

ASP.NET software companies India

https://www.dlapiperdataprotection.com/#handbook/data-protection-officers-section/c1_INhttps://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&sqi=2&ved=0ahUKEwjDrKPs2J_MAhWF5qYKHXElDFUQFgg4MAM&url=http%3A%2F%2Fwww.harrisvs.org.uk%2Fhome_htm_files%2FData%2520Protection%2520Policy%2520Model%25202013.doc&usg=AFQjCNH-258MmJ9tK5Nr0CW7TTRXpgvokA&bvm=bv.119745492,d.dGY&cad=rjahttps://www.rbi.org.in/scripts/BS_ViewMasCirculardetails.aspx?id=8168https://www.ncjrs.gov/fraudawareness/

http://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com10

References Continued..

ASP.NET software companies India

http://www.ey.com/IN/en/Services/Assurance/Fraud-Investigation---Dispute-Services/FIDS---A-step-towards-anti-bribery-and-corruptionhttp://www.smith.williamson.co.uk/anti-bribery-corruption-policyhttps://www.google.co.in/search?q=sample+disciplinary+process&ie=utf-8&oe=utf-8&gws_rd=cr&ei=7cMYV8fYGYXSmwWoqZigCghttps://www.db.com/en/media/Deutsche_Bank_Group_-_Anti_Money_Laundering_Policy.pdfhttp://www.utsystem.edu/cont/Training/FraudAwareness2014.pdf

http://www.ifourtechnolab.com

ASP.NET software companies India http://www.ifourtechnolab.com11

Thanks

ASP.NET software companies India

ASP.NET software companies India http://www.ifourtechnolab.com12