High
SB.8.009 Team capacity monitoring
Teams plan to have sufficient capacity to execute important tasks, including during holiday periods. Team capacity is monitored, and structural understaffing is flagged and addressed. Procedures exist to continue important processes in case of the unplanned absence of team members. Individuals who are the only ones in a team capable of performing specific tasks must be identified as Single Points of Failure. Team leaders are responsible for identifying these individuals and for transferring their knowledge to other employees and into procedures. If this knowledge is non-transferable, more capable staff or a retainer with a supplier that can provide...
SB.8.005 Background Check
Before the commencement of processing activities, background checks are performed on all individuals working with sensitive data and systems to determine their integrity and suitability for the tasks and to ensure secure behaviour. Screening is repeated periodically, and a procedure is in place to deal with situations where screening identifies security risks.
SB.7.001 Scripts and Executables
Unless necessary for executing job responsibilities, user endpoints by default do not allow the execution of scripts and executables. If a job function necessitates this access, it is documented and approved by the supervisor.
SB.6.007 Printing Data-Leakage Prevention
Printing services are appropriately protected: printers are kept separate from the public internet; printing requires authentication; print statements are not repeated; documents are stored encrypted and for as short a time as possible; and print jobs only start after the user authenticates at the printer.
SB.6.004 Administrator Data Access
Only data owners have access to their data. Administrators and suppliers can access the data only through a break-glass procedure that involves business sign-off and consultation with the organisation.
SB.4.004 CSIRT
The organisation has a (contracted) CSIRT. The CSIRT is fully mandated to respond to active threats in order to limit the impact of potential security incidents.
SB.4.003 Business continuity management
A business continuity plan (BCP) exists for potential disaster scenarios that could affect the critical processes. The business continuity plan is reviewed at least annually and is tested periodically.
SB.4.002 Disaster Recovery Plan
A disaster recovery plan (DRP) exists for potential disaster scenarios that could affect the IT systems. The disaster recovery plan is reviewed at least annually and is tested periodically.
SB.2.003 Offline backup
All critical backup media, documentation and other IT resources needed for IT recovery, together with the business continuity plans, are stored offsite. The content of backup storage is determined in collaboration between business process owners and IT personnel. Management at the offsite storage facility acts on the basis of the data classification policy and the enterprise's media storage practices. IT management ensures that offsite arrangements are assessed periodically, at least annually, for content, environmental protection and security. Compatibility of hardware and software for restoring archived data is ensured, and archived data is periodically tested and refreshed.
SB.1.014 Domain reservations
Domain names reserved for organisational purposes cannot be released shortly after they are no longer needed. A list of domain names that can never be released must be kept. Domain names not on this list must remain reserved, with a placeholder message stating that the domain is no longer in use by the organisation, for 3 years before they can be released and used by other parties.