Information Security Standard 

Standard: Information Security Standard, ICTA-3.001:2016

Thematic Area: IT Security

Description: This ICTA Standard provides a consistent approach to managing information security risks across Government bodies that need to set up appropriate controls for the protection of information from a wide range of threats in order to ensure continuity in Government operations, minimize risk, and maximize return on Government IT investments.

Areas Covered: 

  • Information security policy
  • Organization of information security
  • Asset management
  • Human resource security
  • Communications security
  • Operations security
  • Physical and environmental security
  • Cryptography
  • Access control
  • Systems acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity
  • Compliance
  • Compliance checklist for information security
  • Acceptable use of computing resources (assets) sample policy

Date of Operationalisation: 01 October 2016

Information Security Standard