1. User account and password
Employees must take appropriate steps to manage the passwords in a secure manner and to prevent their disclosure to unauthorized persons. The use of another person’s account without permission in PIMS systems or in any connection to
the third party is strictly forbidden.
2. Viruses and Worms
All employees must act appropriately must act to prevent the spread of viruses and worms within the systems networks and any connectivity All personal computing devices that connect or used on PIMS must be scanned with updated antivirus program.
3. Software patches and updates
The use of up-to-date softwares and application software patches and updates are important to the organisations security.
All personal computing devices connected to the PIMS or IT system must be kept updated and patched.
4. Sensitive Information
The system security information should be classified, stored or destroyed in any case it is outdated. Valuable information should be set aside and protected by rules and regulations. Belief or suspicion that the integrity or confidentiality of the system has been compromised or is being used to breach the system policies and standards must immediately be reported to the local digital security controller or the group security representative
5. Tracking and accountability measures(audit trails) An e-procurement system should incorporate a comprehensive audit trail with a record of who did what and when at various important stage of the purchasing process. The system should also allow internal control rules to be incorporated e.g. the person who approves a requisition must be different from the requisition originator. Setting out such principles in purchasing applications can be useful countermeasures against possible fraud

(Visited 144 times, 1 visits today)
Share this:

Written by