Newstaff, Inc.

Newstaff, Inc.

Information Security Services

British Standard 7799 System Development Control

Newstaff Inc.
Security Information
Security Criteria

BS 7799

Security Policy
Security Organization
Assets Control
Personnel Security
Physical Security
Computer, Network
Access Control
Development Controls
Continuity Planning
Compliance, Auditing
  • To ensure security is built into operational systems
  • To prevent loss, modification or misuse of user data in application systems
  • To protect the confidentiality, authenticity and integrity of information
  • To ensure IT projects and support activities are conducted in a secure manner
  • To maintain the security of application system software and data
    • Security in application systems should include:

      • data input validation
      • control of internal processing including definition of areas of risk and checks and controls
      • message authentication
      • output data validation

      Cryptographic controls should include:

      • appropriate policy
      • appropriate encryption techniques
      • appropriate digital signature techniques
      • non-repudiation services
      • key management
      • protection of keys
      • standards, procedures and methods

      Security of system files should include:

      • control of operational software
      • control of access to program source code library

      Security in development and support must have in place:

      • change control procedures
      • a technical review of operating system changes
      • restrictions on changes to software packages
      • control over outsourced software development

      Contact Us for a proposal!
© Copyright 1995-2018 by Newstaff, Inc.. All rights reserved. Contact Us About Our Site