|
|
IS Requirements Gathering Questionnaire
|
DQ Status
|
Live
|
Policy
|
DQ Content Authority
|
Head of Information Security (Julia Harris)
|
Contact(s) for Help
|
Brian Brackenborough
|
Description
|
Intended Audience: Anyone involved in the creation, modification or replacement of systems.
Use: The document contains a form that should be completed and submitted to Information Security Manager: ism@bbc.co.uk. The form within the document is intended to gather all the IS requirements about a system to enable the Information Security team to give guidance, approval and dispensation, as appropriate, ensuring the system complies with current Policies and Standards.
Obtaining Information Security approval is a normal part of the change-control process. Filling in this questionnaire is not a substitute for following change control procedures, but should be considered as a parallel task.
Compliance with BBC IS requirements will be aided by following relevant BBC/SBMS implementation standards.
|
DQ Reference
|
Version
|
Date
|
Last Reviewed
|
is_12_01
|
02.03
|
15/12/2004
|
May 2010
|
Key Words
|
IS, requirements, questionaire
|
DQ Location
|
Internal: http://guidelines.gateway.bbc.co.uk/dq/is/requirements.shtml
External: http://www.bbc.co.uk/guidelines/dq/contents/information_security.shtml
|
1 Introduction 3
2 Filling in the form 6
3 High-level details 10
4 Physical and hardware 11
5 Operating systems 11
6 Software, including databases 12
7 Networks 13
8 Users and Administrators 15
9 Identification, authentication and authorisation (logging in) 16
10 Sensitive, personal, commercial information and legal considerations 17
11 Operations and support 18
12 Disaster Recovery and backups 18
13 Document Identification 20
14 Authorisation 20
15 History 20