Table of contents exchange of letters with the minister executive summary


IHIS’ INTERNAL FRAMEWORK FOR INCIDENT REPORTING AND



Download 5.91 Mb.
View original pdf
Page21/329
Date27.11.2023
Size5.91 Mb.
#62728
1   ...   17   18   19   20   21   22   23   24   ...   329
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019
11
IHIS’ INTERNAL FRAMEWORK FOR INCIDENT REPORTING AND
RESPONSE ................................................................................................................. 34
11.1
The Healthcare IT Security Incident Response Framework (“SIRF”) .......... 35 The Cluster IT Security Incident Response SOP (“IR-SOP”) ....................... 35 Security incident reporting flow for SingHealth ............................................ 35 Technical incident response – the Security Incident Response Team
(“SIRT”), Security Incident Response Manager (“SIRM”) and Computer Emergency Response Team (CERT) ......................................................... 39
12
IT AND IT SECURITY GOVERNANCE FOR SINGHEALTH .................. 40
12.1
Healthcare sector-wide platforms The Healthcare IT Steering Committee and the Cyber Security Council ............................................................................ 41 12.2
Cluster-level platforms for SingHealth .......................................................... 42 IT security-related risk management ............................................................. 43
12.3.1
MOHH Audit and Risk Committee (ARC) and Group Internal Audit
(“GIA”) ............................................................................................................ 43
12.3.2
Internal IT security risk assessments ................................................................ 44 IT security audits ............................................................................................ 45
12.4.1
CII audits on the SCM system ........................................................................... 45
12.4.2
Audits for non-CII systems and the FY H-Cloud Pen-Test ........................... 45 Compliance reviews and tracking of progress on action plans from audits .. 46 Followup for IT Security audits .................................................................... 47 Relative roles of MOHH GIA and CSG ........................................................ 47


Download 5.91 Mb.

Share with your friends:
1   ...   17   18   19   20   21   22   23   24   ...   329



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy