Form OIT-0137 - Information Security's Certification and Accreditation Checklist, Page 2


The purpose of the checklist is to provide a guide for an agency and the Statewide Office of Information Security to follow in validating security requirements for systems, applications, system software, and other technologies before they are deployed into a production environment. It is designed to ensure compliance with specifications, regulations, standards and objectives identified during each phase of the System Development Life Cycle (SDLC). Reference the 205 – Certification and Accreditation Policy.
Check Boxes for those that are Completed

Logical SAR

Authentication and Access Controls:
- Implemented an authentication service such as State’s Credential and Identity Access System. Implemented account provisioning procedures and defined access roles.

Firewall Controls:
- Verified and implemented firewall rule set.

Business Entity or Extranet: Appendix A, B, C, and D
- Completed the Business Entity and Extranet Appendices.
  A. Application Form. NJOIT_0110%20GSN%20Extranet%20Application%20Form_Appendix_A.pdf
  B. Memorandum of Understanding. NJOIT_0184_Business_Entity_IT_Services_Extranet_%20MOU_Appendix_B.dot
  C. Operational Form. NJOIT_0145_Business_Entity_IT_Services_Extranet_Connection_Detail_Appendix_C.dot
  D. Security Controls Assessment Checklist. Documentation is available through SOIS (njinfosecure@oit.nj.us) request or NJ-ISAC

Encryption:
- The data is encrypted in transit.
- The data is encrypted at rest.

PCI-related application:
- PCI certification (Attestation of Compliance). The Attestation is a PCI-DSS assessment and certification of the Business Entity’s PCI security requirements performed by a security representative (Qualified Security Assessor). A copy of the Attestation of Compliance has been provided.

Data Transfer:
- An interface report has been completed and workflow established.

OIT-0137 (11/02/2016)
Information Security’s Certification and Accreditation Checklist Version 4
Page 2 of 4
