| 3.1.1 |
ICT has drawn, compiled and posted at SEDC portal the various ICT security policiesand guidelines to regulate and control information from possibleunauthorised access,use, disclosure, disruption, modification or destruction |
|
| 3.1.2 |
Quite a number of staff were unable to comprehend between SEDC Portal and Websiteand how to access the portal, thus not aware of the existence of the various ICTsecuritypolicies and guidelines in the SEDC Portal |
|
| 3.2.1 |
ICT has implemented access control right to system networks to prevent unauthorised use of system application for executing transactions, updating amendment or deletion and retrieval of records and protecting computer information and resources with respect to confidentiality and integrity
|
|
| 3.3.1 |
A firewall to filter incoming and outgoing traffic into the Local Area Network of the Corporation and anti-virus software were installed on devices to prevent possible threat from hacking and malware that can wreak havoc to the Corporation network systems
|
|
| 3.4.1 |
ICT has installed an automatic backup of system, program and data that allow the recovery of information stored on servers but yet to implement off-site storage and also yet to conduct recovery drill for 2018/2019
|
|
| 3.4.2 |
Server room safety and security features were satisfactory to support network, avoid crashes and failures and prevent damage to servers, thus loss of data
|
|
| 3.5.1 |
ICT has developed and compiled IT Disaster Recovery Plan to mitigate possible disaster that renders the Corporation’s computer systems not operating effectively however disaster recovery plan exercise or drill for the new servers and backup processes at the new Menara has yet to be done
|
|