HostedDB - Dedicated UNIX Servers
-->
IT Baseline Protection Manual S 2.154 Creation of a computer virus protection concept

S 2.154 Creation of a computer virus protection concept

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: IT Security Management

In order to obtain effective protection against computer viruses for an entire organisation, it is essential to select and implement co-ordinated and appropriate protective measures. This calls for a conceptual approach to ensure that suitable measures are applied to all IT systems concerned and that the necessary protection is maintained by a programme of updating.

The table of contents of a computer virus protection concept is shown below.

Table of contents of a computer virus protection concept

Part A: Awareness raising

  1. Dependence of the institution on the use of IT
  1. Description of the hazard potential
  1. Damage scenarios
  1. IT systems potentially affected

Part B: Necessary protective measures

  1. Computer virus protection strategy
  1. Updating computer virus scanning programs

Part C: Regulations

  1. Regulations on protection against computer viruses
  1. Regulation of responsibilities

Part D: Resources

  1. Procedures in the event of computer virus infection
  1. Reporting channels in the event of computer virus infection
  1. User's Guide for the computer virus detection program

The measures described in the following explain how some important parts of this concept can be put into practice.

Additional controls:

© Copyright by
Bundesamt für Sicherheit in der Informationstechnik		 July 1999
home