|
Introduction
Welcome to
DMC’s security overview. This overview describes current security
solutions and provides a framework for standardization across the
enterprise.
Security Solutions
Security
Solutions documents how security is being provided for selected
resources throughout the FMC enterprise and encompasses five major
areas:
-
Information security
includes company policies, standards and solutions that should be
incorporated in the design of business processes and information flows
to ensure access to data is authorized. These company policies and
directives should also be followed by systems to ensure that data
cannot be inadvertently altered and is reliable. Please refer to DMC’s
General Security Standards Solutions.
-
Personnel security
includes company initiatives to address personnel security awareness
training, personnel security procedures training and personnel
authentication when accessing systems. Please refer to the
privacy policies for policies on user authentication, roles and
initiatives to address this area.
-
Operational security
includes DMC’s Risk Assessment
procedure, component testing and evaluation,
System Certification and Accreditation,
Disaster Recovery Plan,
Continuity of Operations Plan (COOP) and other Standard Operating
Procedures (SOP).
-
Physical security
includes protection for buildings that support IT processing, control
of access to IT equipment and networks. This also covers fire
protection, storage of media, and disaster recovery system.
-
Network Security is
a vital component of every area of security, whether it is
information, operational, physical or personnel security.
Sarbanes Oxley (SOX)
In response
to several corporations being found guilty of committing fraud and
reporting scandals, Sarbanes Oxley Act of 2002 was admitted to all
corporations. It is DMC’s philosophy to act ethically and not to commit
any crimes against any entities; therefore, be SOX compliant. |
