* Security Policy
Ensuring that the provision of a management direction exists together with support for information security. These are to comply with relevant laws & regulations and the business requirements of Granddik.
* Organization of Information Security
Making sure that Information security within Granddik is managed. Maintaining security of Granddik’s information processing facilities that are processed, accessed, communicated to and managed by any external entities.
* Asset Management
Realization and maintenance of all organizational assets. Making sure that information is accorded the required and appropriate level of protection.
* Human Resources Security
Making sure that all stakeholders, contractors, employees and other users:
1. Have a complete understanding of their responsibilities and that they are suitable for roles that they are considered for.
2. Are made aware of all possible information security concerns and threats that exist or that may arise.
3. Change employment or leave the organization in an orderly manner.
* Physical and Environmental Security
Ensure that unauthorized access physical or otherwise, damage and interference to the organizations information and premise is at all time prevented. Also prevent any compromise of assets, loss, theft, interruption and damage to organizations activities.
* Communications and Operations Management
Ensuring that controls for operational procedures are developed, e-commerce services, information exchange, backup, third-party delivery management, media handling, malware protection, monitoring, system planning and network security management.
Designing control structures for business requirements to be implemented for user responsibilities and access, information access control, network access control, application access control and OS access control.
* Information Systems Acquisition, Development, and Maintenance