FORMAT
BOOKS
PACKAGES
EDITION
PUBLISHER
CONTENT TYPE
Act
Admin Code
Announcements
Bill
Book
CADD File
CAN
CEU
Charter
Checklist
City Code
Code
Commentary
Comprehensive Plan
Conference Paper
County Code
Course
DHS Documents
Document
Errata
Executive Regulation
Federal Guideline
Firm Content
Guideline
Handbook
Interpretation
Journal
Land Use and Development
Law
Legislative Rule
Local Amendment
Local Code
Local Document
Local Regulation
Local Standards
Manual
Model Code
Model Standard
Notice
Ordinance
Other
Paperback
PASS
Periodicals
PIN
Plan
Policy
Product
Program
Provisions
Requirements
Revisions
Rules & Regulations
Standards
State Amendment
State Code
State Manual
State Plan
State Standards
Statute
Study Guide
Supplement
Technical Bulletin
All
|
Description of ASTM-E2674 2009ASTM E2674 - 09Standard Practice for Assessment of Impact of Mobile Data Storage Device (MDSD) LossActive Standard ASTM E2674 | Developed by Subcommittee: E53.02 Book of Standards Volume: 04.12 ASTM E2674Significance and Use This practice establishes a standard impact assessment methodology to enable entities to uniformly ascertain and communicate impact levels associated with the potential loss of MDSDs. This practice is not intended to prescribe specific information security policies for entities or organizations. This practice assumes that individuals and entities are following all relevant information security policies as required by federal or state law, the terms of applicable government contracts, specific agency policies such as the National Industrial Security Program Operating Manual (NISPOM), and entity-specific policies. This practice assumes, but does not require, that entities have devised and are maintaining a system of internal controls over MDSDs in accordance with the section on Management of Property of Practice E 2279 . This practice assumes, but does not require, that the results of this impact assessment will inform future actions and help entities determine cost-effective property control measures for MDSDs commensurate with the potential consequences of their loss in accordance with the section on Management of Property of Practice E 2279 . This practice encourages an inclusive understanding and communication of the risk associated with MDSDs and, by assigning a rating to the impact of loss, enables comparisons on this basis to other MDSDs rated using the same practice. This practice is intended to foster and enable additional standard practices related to or based on these terms and concepts. 1. Scope 1.1 This practice describes a methodology for assessing and quantifying the impact of the loss of mobile data storage devices (MDSDs), for example, thumb drives, auxiliary hard drives, and other property containing personally identifiable information or other entity sensitive information. 1.2 This practice is based on two concepts: 1.2.1 Identifying the MDSDs that pose the greatest risk to the organization based on both the information that is stored on them and the location in which they are used, and 1.2.2 Determining the impact of the potential loss of specific MDSDs. In general, this impact assessment is best practiced as a part of a larger risk management process. While this practice does not address this larger topic, it may inform other risk management standards. 1.3 This practice is intended to be applicable and appropriate for all asset-holding entities. 1.4 In accordance with the provisions of Practice E 2279 , this practice clarifies and enables effective and efficient control and tracking of equipment. 1.5 This standard does not purport to address all of the safety concerns, if any, associated with its use. It is the responsibility of the user of this standard to establish appropriate safety and health practices and determine the applicability of regulatory limitations prior to use.
ASTM Standards E2135 Terminology for Property and Asset Management E2279 Practice for Establishing the Guiding Principles of Property Management E2452 Practice for Equipment Management Process Maturity (EMPM) Model E2495 Practice for Prioritizing Asset Resources in Acquisition, Utilization, and Disposition E2499 Practice for Classification of Asset Physical Location Information E2608 Practice for Equipment Control Matrix (ECM) Keywords ECC; ECL; equipment control class; equipment control level; information security; information system; information type; personally identifiable information; PII; PLL; property; risk; MDSD; mobile data storage device; tangible asset; ICS Code ICS Number Code 35.220.99 (Other data storage devices) DOI: 10.1520/E2674-09 ASTM International is a member of CrossRef. ASTM E2674This book also exists in the following packages...Subscription InformationMADCAD.com ASTM Standards subscriptions are annual and access is unlimited concurrency based (number of people that can access the subscription at any given time) from single office location. For pricing on multiple office location ASTM Standards Subscriptions, please contact us at info@madcad.com or +1 800.798.9296.
Some features of MADCAD.com ASTM Standards Subscriptions are: - Immediate Access: As soon as the transaction is completed, your ASTM Standards Subscription will be ready for access.
For any further information on MADCAD.com ASTM Standards Subscriptions, please contact us at info@madcad.com or +1 800.798.9296.
About ASTMASTM International, formerly known as the American Society for Testing and Materials (ASTM), is a globally recognized leader in the development and delivery of international voluntary consensus standards. Today, some 12,000 ASTM standards are used around the world to improve product quality, enhance safety, facilitate market access and trade, and build consumer confidence. ASTM’s leadership in international standards development is driven by the contributions of its members: more than 30,000 of the world’s top technical experts and business professionals representing 150 countries. Working in an open and transparent process and using ASTM’s advanced electronic infrastructure, ASTM members deliver the test methods, specifications, guides, and practices that support industries and governments worldwide. |
GROUPS
|