Podcast
Questions and Answers
What must the Right-Hand do before implementing a connection with a Third Party?
What must the Right-Hand do before implementing a connection with a Third Party?
- Conduct a risk assessment (correct)
- Ensure all relevant bodies are informed
- Monitor and access the Third Party’s information and data
- Liaise with the Third Party
What must the Third Party and Right-Hand inform each other about?
What must the Third Party and Right-Hand inform each other about?
- Computers left unlocked when unattended
- Password disclosures
- Security incidents which may impact the confidentiality, integrity or availability of the third-party service or data (correct)
- Missing correspondence
What must the Right-Hand be responsible for?
What must the Right-Hand be responsible for?
- Conducting a risk assessment
- Informing all relevant bodies when the connection is no longer required
- Monitoring and accessing the Third Party’s information and data
- Liaising with the Third Party (correct)
What must the Third Party meet in order to be connected with the Right-Hand?
What must the Third Party meet in order to be connected with the Right-Hand?
What type of incidents should the Right-Hand be aware of?
What type of incidents should the Right-Hand be aware of?
Flashcards are hidden until you start studying
Study Notes
- The Right-Hand takes precedence over any individual requirements for a Third Party connection.
- A risk assessment should be conducted, prior to implementation of any connection, to identify specific requirements.
- The Third Party must meet the Right-Hand’s security standards and comply with Right-Hand’s security policies.
- The Right-Hand must be able to monitor and access the Third Party’s information and data.
- The Right-Hand must be responsible for liaising with the Third Party and ensuring all relevant bodies are informed when the connection is no longer required.
- Third Parties and the Right-Hand must inform each other about any security incidents which may impact the confidentiality, integrity or availability of the third-party service or data provided by the service.
- Incidents originating within the Right-Hand must be handled in accordance with the ‘Security incident management policy and procedures.’
- The range of security incidents which will require security awareness procedures includes: Computers left unlocked when unattended, password disclosures, virus warnings/alerts, media loss, data loss/disclosure, misuse/loss/corruption/alteration of Personal information, physical security breaches, and missing correspondence.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.