Security Management Project Company: Department of Children and Families Team me

1. Security Management Project Company: Department of Children and Families Team members: Natacha Lopez Francisco Gonzalez-Amaris Company Organization: Company Mission and Vision Statements: Mission: “Protect the Vulnerable, Promote Strong and Economically Self-Sufficient Families, and Advance Personal and Family Recovery and Resiliency.” Vision: “In partnership with local communities and providers, the Department of Children and Families will emerge as a world-class organization that protects the vulnerable and serves as stewards of the people to shape paths to independence for all Floridians.” Philosophy on IT Security : IT IS OUR GOAL TO ENSURE THE AVAILABILITY, CONFIDENTIALITY, AND INTEGRITY OF ALL DEPARTMENT RESOURCES. Present Security Procedures : To control access to Department systems and information:  Administer system access controls  Develop security policies and procedures  Administer userids and ensure their timely deletion as appropriate  Limit data access to authorized users on a "need to know" basis  Monitor violations  Aid in the apprehension of offenders To secure sensitive or confidential Department data from unauthorized access:  Ensure that all requested access to Department information is appropriate  Review security logs, files, and system journals for misuse and violations  Identify and investigate possible security risks and exposures To maintain the integrity of Department data:  Ensure there is no unauthorized modification of Department data  Provide virus protection, detection, and clean-up
2. Background image of page 1
3. Info iconThis preview has intentionally blurred sections. Sign up to view the full version.
4. View Full DocumentRight Arrow Icon
5. Standard Operating Procedures . a. Procedure for a New Employee or Contractor (1) The supervisor must ensure that the employee or contractor receives a Data Security packet. (2) The Office of Information Technology Services Human Resource Unit must notify Data Security of all new employees. (3) Before an employee or contractor can receive system access, Data Security must receive an Access Authorization Request Form (Attachment A) signed by the employee requesting a usercode and their supervisor. The form should identify system access needed for their assigned group, unit or section. b. Procedure for a Reassigned Employee or Contractor
6. Background image of page 2