UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

NR/L2/INF/02242

Information Security Manual

active, Most Current
Buy Now
Organization: NR
Publication Date: 3 December 2016
Status: active
Page Count: 14
scope:

This manual describes the framework for governance management and of security requirements for information and information systems. This manual provides the baseline security principals to support the level 1 Information Security Policy.

This applies to all authorised Users of all Network Rail networks, IT systems, data and telecommunication equipment.

It covers the management of all accounts which are administered by Network Rail and by third parties on behalf of Network Rail

Purpose

The purpose of this manual is to:

a) support the consistent identification, understanding and assessment of information security risks;

b) provide up to date information against government guidelines, legislation, information security industry best practise and relevant ISO standards; and

c) provide guidance to those impacted to help them make the changes necessary to people, process and technology.

Through consistent identification, understanding and assessment of information security risks, Network Rail is able to apply appropriate controls in order to manage information security risk at the appropriate level for the company

Document History

NR/L2/INF/02242
December 3, 2016
Information Security Manual
This manual describes the framework for governance management and of security requirements for information and information systems. This manual provides the baseline security principals to support...
NR/L2/INF/02242 ISSUE 3
September 3, 2016
Information Security Manual
This manual describes the framework for governance management and of security requirements for information and information systems. This manual provides the baseline security principals to support...
NR/L2/INF/02242 ISSUE 2
June 4, 2016
Information Security Manual
This manual describes the framework for governance management and of security requirements for information and information systems. This manual provides the baseline security principals to support...
NR/L2/INF/02242 ISSUE 1
March 5, 2016
Information Security Manual
This manual describes the framework for governance management and of security requirements for information and information systems. This manual provides the baseline security principals to support...

References

This document references:
NR/L3/INF/02224 - Sharing Framework for Information
Published by NR on March 2, 2019
This standard applies to all people that are responsible for handling and/or sharing data and information for and on behalf of Network Rail. It applies to Network Rail information that is accessed,...
This document references:
NR/L1/INF/02232 - Information Security Policy - This standard should only be used for reference to ensure 'The Control of Risk' until the compliance date of its replacement standard is reached, upon which this standard will be withdrawn. The development of all new processes and procedures should be to the replacement standard
Published by NR on March 5, 2016
This policy applies to all Users who have access to Network Rail information and information systems. This policy describes the framework for governance management and of security requirements for...
This document references:
NR/L2/INF/02223 - Information Classifications - Security
Published by NR on June 2, 2018
This standard applies to all people that are responsible for creating, processing, handling, storing and destroying data and information for and on behalf of Network Rail. Purpose This standard...
This document references:
NR/L3/INF/02224 - Sharing Framework for Information
Published by NR on March 2, 2019
This standard applies to all people that are responsible for handling and/or sharing data and information for and on behalf of Network Rail. It applies to Network Rail information that is accessed,...
This document references:
NR/L3/INF/02231 ISSUE 2 - Disposal of Records
Published by NR on September 3, 2022
This standard specifies how Network Rail shall dispose of records and information that is time expired according to the Corporate Records Retention Schedule. It relates to both the disposal of...
This document is referenced by:
NR/L2/INF/02242/05 - Information Security Manual: Module 05: Cloud Computing Security Principles
Published by NR on December 3, 2016
This module specifies Network Rail’s information security requirements for cloud computing. This module applies to all staff that are responsible for procuring and maintaining cloud services models...
This document is referenced by:
NR/L2/INF/02242/04 - Information Security Manual: Module 04: Security Management and Backup of Information Systems
Published by NR on December 3, 2016
This module specifies the minimum security requirements for managing Network Rail operational systems. This module applies to all staff that are responsible for developing, configuring and...
This document is referenced by:
NRS-SRB001 - Standards Briefing Report for March 2021
Published by NR on February 4, 2021
A description is not available for this item.
This document is referenced by:
ACC/CAT/CO/001 ISSUE 130 - Catalogue of Network Rail Standards (aka NR/CAT/STP/001)
December 2, 2023
A description is not available for this item.
This document is referenced by:
ACC/CNG/CO/001 ISSUE 130 - Changes from Last Issue (aka NR/IHS/CHANGES)
January 9, 2024
Lists all the new documents published in the last quarter
This document is referenced by:
ACC/CNG/CO/001 ISSUE 130 - Changes from Last Issue (aka NR/IHS/CHANGES)
January 9, 2024
Lists all the new documents published in the last quarter
View Less
View All
Advertisement