NSTSSI Security Education Standards |
5. OPERATIONS a. Policies/Procedures (1) describe disaster recovery policies and procedures; (2) use/implement disaster recovery policies and procedures; (3) define disaster recovery policies and procedures; (4) describe documentation policy and procedures; (5) use/implement documentation policy and procedures; (6) discuss object reuse policy and procedures; (7) describe separation of duties policies and procedures; (8) practice/implement separation of duties policies and procedures; (9) identify disposition of media and data policies and procedures; (10) perform disposition of media and data policies and procedures; (11) explain disposition of media and data policies and procedures; and (12) identify storage media protection/control policies and procedures. b. Countermeasures/Safeguard (1) use countermeasure/safeguard alarms, signals and reports; (2) describe countermeasures; (3) use/implement countermeasures/safeguards; (4) discuss countermeasure/safeguard corrective actions; (5) assist in performing countermeasure/safeguard corrective actions; (6) describe safeguards; and (7) use/implement safeguards. c. Management/Oversight (1) use/implement management/oversight change controls; (2) describe configuration management; (3) discuss database integrity; (4) describe disaster recovery management/oversight; (5) use/implement disaster recovery management/oversight; (6) discuss electronic records management/oversight; (7) identify the key elements of information integrity; (8) discuss information management; (9) explain risk management; and (10) practice risk management.