Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools

Trace:
wiki:policies:exception

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
wiki:policies:exception [2023/02/07 21:25]
katcow 		wiki:policies:exception [2023/02/07 21:32]
katcow
Line 22: Line 22:
   * An emergency situation requires violation of the relevant security policy.   * An emergency situation requires violation of the relevant security policy.
  
- +=== To Request an Exception===
-To request an exceptions+
  
 Email or slack the [[wiki:policies:infosec#information_security_organization|information security team]] to request an exception. You request must contain the following information:  Email or slack the [[wiki:policies:infosec#information_security_organization|information security team]] to request an exception. You request must contain the following information: 
Line 40: Line 39:
 Steve would like to share Carl's Pizza Planet Account to order Pies for after-hour work events. This violates our access control policy, which Steve is well-acquainted with, as he pays close attention during annual trainings.  Steve's request might look like the following:  Steve would like to share Carl's Pizza Planet Account to order Pies for after-hour work events. This violates our access control policy, which Steve is well-acquainted with, as he pays close attention during annual trainings.  Steve's request might look like the following: 
  
-  * Request: I would like shared access to Carl'Planet Pizza online Accounts.  +  * Request: I would like share access to Carl's Pizza Planet online account.  
-  * Policy: Attaching the access control policy : [[https://wiki.nested-knowledge.com/doku.php?id=wiki:policies:access]] +  * Policy: I'm attaching the access control policy: [[https://wiki.nested-knowledge.com/doku.php?id=wiki:policies:access]] 
-  * Application; Our account on the Pizza Planet web application, accessible at the website: https://www.pizza-planet.org. +  * Device/Application: Carl'account on the Pizza Planet web application, accessible at the website: [[https://www.pizza-planet.org/portal]]
   * Rationale: Pizza Planet only permits one account per each business credit card.   * Rationale: Pizza Planet only permits one account per each business credit card.
   * Duration: Four - Six months.    * Duration: Four - Six months. 
-  * Risk: Passwords shared online may be intercepted, compromising our account and credit card information. +  * Risk: Passwords shared online may be intercepted, compromising Carl'account and our business credit card information. 
-  * Mitigation: To limit risk, credentials will be shared face-to-face verbally. +  * Mitigation: To limit risks, credentials will be shared face-to-face verbally. We will change the account password every 6-8 weeks
  
  
wiki/policies/exception.txt · Last modified: 2023/02/07 21:46 by katcow

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki