NPFC Information Security and Management System

The Information Security and Management System was first presented at the 2nd Commission meeting and, after discussions, was approved as an informal guideline (NPFC-2016-SWG-Fin & Admin01-WP04 (Rev 2)).

The intent of this document is to initiate building NPFC’s information security system. It presents framework which covers all relevant elements of information security policy including Guidelines on the Organization of Internal Information Security, Access Control Security, Information Security, Human Resources Security, Physical and Environmental Security, Communication and Operations Security, System Acquisition, Development and Maintenance Security, and Business Continuity Management.  These guidelines shall be developed by the Secretariat and/or Special Working Group on Information Security Policy (SWG ISP) organized by the Commission when there is such necessity.