SECURITY
Cybersecurity measures and practices must be in place to facilitate a secure environment for the storage, use, and dissemination of Organizational Data to protect the confidentiality, integrity, and availability of information. Controlling who has access to information is also important.
Data Protection Categorization
This Categorization indicates the minimum level of protections required for Organizational Data and Information Systems based on Cyber Security requirements.
Data Protection Safeguards
Cyber Security requirements for the appropriate controls that should be in place for Organizational Data based on that data's various categorizations.
Protected Data Practices
Cyber Security requirements and best practices on how to use, store, and share Organizational Data based on that data's various categorizations.
Access Procedures
Access to Organizational Data is often required for many job functions. Established access procedures contribute to the protection against cybersecurity threats and dangers.
Separation of Duties
Responsibility for related transactions should be divided among employees so that one employee’s work serves as a check on the work of other employees.