An Introduction To
Objective: To prevent unauthorised disclosure, modification, removal or destruction of assets, and interruptions to business activities.
Media should be controlled and physically protected.
Management of removable media
Removable computer media should be controlled.
Disposal of Media
Media should be disposed of securely and safely when no longer required.
Information handling procedures
Procedures for handling and storage of information should be established to protect that information from unauthorised disclosure or misuse.
Security of system documentation
System documentation should be protected from unauthorised access.
The Security Practitioner
An Introduction to Information Security