Section 01: E-commerce Issues

Policy 100101 Structuring E-commerce Systems including Web Sites
POLICY STATEMENT
“E-Commerce processing systems including the e-commerce Web site(s) are to be designed with protection from malicious attack given the highest priority.”

Policy 100102 Securing E-Commerce Networks
POLICY STATEMENT
“E-Commerce related Web site(s) and their associated systems are to be secured using a combination of technology to prevent and detect intrusion together with robust procedures using dual control, where manual interaction is required.”

Policy 100103 Configuring E-Commerce Web Sites
POLICY STATEMENT
“The organization’s e-commerce Web site(s) must be configured carefully by specialist technicians to ensure that the risk from malicious intrusion is not only minimized but that any data captured on the site is further secured against unauthorized access using a combination of robust access controls and encryption of data.”

Policy 100104 Using External Service Provider for E-Commerce
POLICY STATEMENT
“Where third parties are involved in e-commerce systems and delivery channels, it is essential that they are able to meet the resilience and Information Security objectives of the organization.”
