High
SB.10.008 Risk Monitoring
Event data is aggregated from multiple sources. Accepted organisational risks are monitored through defined abuse cases. Personnel security and awareness is monitored and periodically tested.
SB.10.006 Mutation and Data Access Logs
Applications log access (attempts) to sensitive data. Applications log mutations of system configurations and sensitive data. Storing the original values is recommended but not required.
SB.10.003 Session and Identity Monitoring
Protections are in place to detect and prevent unauthorised user activity based on context and behaviour.
SB.9.016 Authorisation Matrix
Process owners are responsible for an authorisation matrix listing who has what access to data and functionality in relevant systems, and in what capacity. The authorisation matrix includes roles, the authorisations within each role, individuals, and which roles each individual is allowed to have. Optionally, job functions can be used to identify which roles belong to those functions. If there are conflicts between certain authorisations that cannot be held simultaneously, the authorisation matrix identifies which combinations of authorisations are not allowed.
SB.8.009 Team Capacity Monitoring
Teams plan to have sufficient capacity to execute important tasks, also during holidays. There is monitoring on the capacity of the team and structural understaffing gets flagged and addressed. There are procedures in case of unplanned absence of team-members to continue with important processes. Individuals in teams that are the only ones capable of performing specific tasks need to be identified as Single Points of Failure. Team leaders are responsible for identifying these individuals and transferring this knowledge to other employees and procedures. If this knowledge is non-transferable, more capable staff or a retainer with a supplier that can provide...
SB.8.005 Background Check
Before processing activities commence, background checks are performed for all individuals working with sensitive data and systems, to determine their integrity and suitability for the tasks and to ensure secure behaviour. Screening is repeated periodically, and a procedure is in place to deal with situations where screening identifies security risks.
SB.7.001 Scripts and Executables
Unless necessary for executing job responsibilities, by default user endpoints do not allow the execution of scripts and executables. If the function necessitates this access, it will be documented and approved by the supervisor.
SB.6.007 Printing Data-Leakage Prevention
Printing services are appropriately protected: printers are kept separate from the public internet; printing requires authentication; print statements are not repeated; documents are stored encrypted and for as short a time as possible; print jobs only start after the user authenticates at the printer.
SB.6.004 Administrator Data Access
Only data owners have access to their data. Administrators and suppliers can only access the data through a break-glass procedure that involves business sign-off and consultation with the organisation.
SB.4.004 CSIRT
The organization has a (contracted) CSIRT. The CSIRT is fully mandated to respond to active threats to limit the impact of potential security incidents.