|
Links are provided below for the following CMS information security procedures documents. CMS Information Security Incident Handling Procedures - provides the systematic approach for handling information or information system suspected or actual incidents and the steps for resuming business operations while still preserving the incident's forensic information for further analysis and potential law enforcement/legal action. CMS Information Security Certification & Accreditation (C&A) Procedure - provides the procedures that ensure consistency in the evaluation of security controls, facilitates security accreditation decisions and identifies and defines principle IS C&A roles and responsibilities. The CMS IS C&A procedures is independent of the Life-Cycle status of the system. CMS Information Security Testing Approach establishes a formal standard for the scoping, planning, performing, documenting and managing of information security testing of all CMS information systems conducted by CMS personnel and / or contractors.
Page Last Modified: 05/21/2008 4:07:17 PM
Help with File Formats and Plug-Ins
Submit Feedback
|
Email
Print