cover_asset_EN

Asset Management

An asset management policy provides a structured framework for managing an organization's assets to optimize performance, ensure compliance, and maximize value over the asset lifecycle. It outlines principles, responsibilities, and procedures to guide asset-related decision-making and resource allocation.

docx
1.268
Download
front_vulnermgmnt_eng.jpg

Vulnerability and patch management Policy

A vulnerability is a flaw or weakness, a design or implementation error, lack of updates in the light of existing technical knowledge, that can compromise the security of information technologies. A vulnerability can lead to an unexpected or unwanted event and be exploited by malicious third parties to violate the integrity, authenticity, confidentiality or availability of a system or to damage a system.  Therefore, it is vital that we eliminate as many known vulnerabilities as possible. For this, we need a good patch management system and vulnerability monitoring.

docx
1.268
Download
front_password_eng.jpg

Password policy

Passwords are often used to authenticate users. This document provides a policy on the use and implementation of passwords for confidential and critical information systems.

docx
1.268
Download
front_network_eng.jpg

Network security policy

Network security within the organisation is important because it is your first defence against outside attacks. By implementing effective technical and organisational network security measures, you can prevent cybercriminals from mapping your infrastructure, disrupting your communications, unlawfully gathering data or reaching critical applications and devices

docx
1.268
Download
front_cyberpol_eng.jpg

Cybersecurity Policy

This Cybersecurity Policy defines the minimum requirements applicable to all departments within the organisation so that we protect one's intellectual property, commercial advantage and people from the consequences of poor Information Security and possible cyber-attacks.

docx
1.268
Download
front_cirp_eng.jpg

Cyber incident response plan

This document contains guidelines and examples that organisations can follow to support the development of their own Cyber Incident Response Plan (CIRP). The template is not exhaustive. Each organisation's CIRP should be tailored to its unique operating environment, priorities, resources and constraints.

docx
1.268
Download
front_backup_eng.jpg

Backup and restore policy

Critical information and information systems must be protected against data loss and data damage. Backup and recovery procedures enable us to restore information in case of disaster scenarios.  This policy provides organisations with some tools to develop a sound backup strategy.

docx
1.268
Download
front_access_eng.jpg

Access policy

Within an organisation, access management is an essential part of security that determines who has access to certain data, applications and other digital assets, and under what circumstances. This access management policy secures digital environments in the same way keys and guest lists secure physical spaces. It allows the organisation to verify that users are who they say they are, and that these users have been granted appropriate access, based on context such as device, location, function and more.

docx
1.268
Download
front_rules_eng.jpg

10 Golden Rules for Cybersecurity

These 10 golden rules give a brief overview of what an organisation can consider to start communication and implementation around cyber security.

docx
1.268
Download

Disclaimer

This document and its annexes have been prepared by the Centre for Cybersecurity Belgium (CCB), a federal administration created by the Royal Decree of 10 October 2014 and under the authority of the Prime Minister.

The documents on this webpage may be used and adapted for non-commercial purposes and provided the source is mentioned.

In no way may a document derived from the documents on this webpage give the impression that it is a document validated by the Centre for Cybersecurity Belgium.

The logo of the Centre for Cybersecurity Belgium may not be used in any document derived from the documents on this webpage.

The CCB accepts no responsibility for the content of this document.

The information provided:

  • are exclusively of a general nature and do not intend to take into consideration all particular situations;
  • are not necessarily exhaustive, precise or up to date on all points