Куда я попал?
Стандарт № GMP Annex 11: Computerised Systems (EN) от 30.11.2011
Good Manufacturing Practice. Annex 11: Computerised Systems
Р. 4 п. 6 п.п. 1
Для проведения оценки соответствия по документу войдите в систему.
Список требований
Похожие требования
Framework № PCI DSS 4.0 от 01.03.2022 "Payment Card Industry Data Security Standard":
Requirement 2.2.6
2.2.6
Defined Approach Requirements:
System security parameters are configured to prevent misuse.
Customized Approach Objective:
System components cannot be compromised because of incorrect security parameter configuration.
Defined Approach Testing Procedures:
Defined Approach Requirements:
System security parameters are configured to prevent misuse.
Customized Approach Objective:
System components cannot be compromised because of incorrect security parameter configuration.
Defined Approach Testing Procedures:
- 2.2.6.a Examine system configuration standards to verify they include configuring system security parameters to prevent misuse.
- 2.2.6.b Interview system administrators and/or security managers to verify they have knowledge of common security parameter settings for system components.
- 2.2.6.c Examine system configurations to verify that common security parameters are set appropriately and in accordance with the system configuration standards.
Purpose:
Correctly configuring security parameters provided in system components takes advantage of the capabilities of the system component to defeat malicious attacks.
Good Practice:
System configuration standards and related processes should specifically address security settings and parameters that have known security implications for each type of system in use.
For systems to be configured securely, personnel responsible for configuration and/or administering systems should be knowledgeable in the specific security parameters and settings that apply to the system. Considerations should also include secure settings for parameters used to access cloud portals.
Further Information:
Refer to vendor documentation and industry references noted in Requirement 2.2.1 for information about applicable security parameters for each type of system.
Correctly configuring security parameters provided in system components takes advantage of the capabilities of the system component to defeat malicious attacks.
Good Practice:
System configuration standards and related processes should specifically address security settings and parameters that have known security implications for each type of system in use.
For systems to be configured securely, personnel responsible for configuration and/or administering systems should be knowledgeable in the specific security parameters and settings that apply to the system. Considerations should also include secure settings for parameters used to access cloud portals.
Further Information:
Refer to vendor documentation and industry references noted in Requirement 2.2.1 for information about applicable security parameters for each type of system.
Стандарт № GMP Annex 11: Computerised Systems (RU) от 30.11.2011 "Правила надлежащей производственной практики. Приложение 11: Компьютеризированные системы":
Р. 4 п. 6 п.п. 1
Для критических данных, вводимых вручную, следует предусмотреть дополнительный контроль точности ввода данных. Этот контроль может осуществляться вторым оператором или с помощью валидированных электронных средств. Критичность и потенциальные последствия ошибочного или неправильного ввода данных в систему должны охватываться системой управления рисками.
Связанные защитные меры
Ничего не найдено