pca
1444

Dear friends,
I am attaching copy of Information Technology (Reasonable Security Practices & Procedures & Sensitive Personal Data or Information) Rules 2011 notified by the government on 11.4.2011.
As per the rules, password is treated as one of the sensitive personal data or information and company is required to publish on its website privacy policy for handling or dealing in such information. Companies implementing notified IS/ISO/IEC 27001 standard will be deemed to have complied with reasonable security practices and procedures if the same is certified or audited regularly by approved independent auditor.
It seems that all companies will have to take steps for providing secured passwords for e-mail systems, SAP system etc. Experts in IT sector may please share their views on this since currently even SAP does not provide system of secured passwords.
Regards,

From India, Malappuram
Attached Files (Download Requires Membership)
File Type: pdf IT (Reasonable Security Practices...) Rules 2011.pdf (81.2 KB, 848 views)

Community Support and Knowledge-base on business, career and organisational prospects and issues - Register and Log In to CiteHR and post your query, download formats and be part of a fostered community of professionals.





Contact Us Privacy Policy Disclaimer Terms Of Service

All rights reserved @ 2024 CiteHR ®

All Copyright And Trademarks in Posts Held By Respective Owners.