This group includes ISO/IEC (former standard), . NBR ISO/ IEC – Information technology – Security techniques – Code of practice for . Download scientific diagram| C ´ odigo do Controle da NBR ISO/IEC from publication: Sistema de Monitoramento/Gerência de Recursos e de. 23 Apr ISO/IEC comprises ISO/IEC and ISO/IEC / Cor Its technical content is identical to that of ISO/IEC.
|Published (Last):||12 July 2016|
|PDF File Size:||10.98 Mb|
|ePub File Size:||7.58 Mb|
|Price:||Free* [*Free Regsitration Required]|
The Standard presents the following as examples of documents: The importance of document control, both for those documents which are generated internally and for those which are obtained from external origins, resides in the need to identify the personnel authorized to review and approve of such documents, in the identification of the status of their revision and in the identification for distribution to those who have access to such documents.
See items c and i. The laboratory should have evidences of all the reviews carried out on its documentation available, whether the document has been revised or not. This work will not broach the treatment given to the records requirement 4.
For this reason, we will not deal with public keys here. Some laboratories opt to maintain their documents on paper, while others only use the electronic media, and yet others maintain “a hybrid” form, wherein both paper and the electronic media are used.
Bearing the approach and the application of the criteria on information and knowledge in mind, the following practices are requested for the markers that ice up item 5. Within each chapter, information security controls and their objectives are specified and outlined. Services on Demand Journal.
The adequate implementation of this aspect is one of the essential factors for the demonstration that the laboratory is competent, as specified by the Standard. Note 3 of the same item considers “the document and its content as being a single entity “.
Retrieved 1 November At the moment, the great majority of laboratories make use, to a greater or lesser degree, of computerized media in order to store their documents.
Nb order to overcome this, the laboratories have to maintain the equipment and iev software necessary for the recovery and the exhibition of the filed data, during the time period in which nbt have to be retained. That is, how the kec makes the documents available in such cases, and how it assures that the valid editions are used. The importance of document control. It would be advisable for the laboratory to define, specifically, which documents the people are authorized to access.
The importance of document control The importance of document control, both for those documents which are generated internally and for those which are obtained from external origins, resides in the need to identify the personnel authorized to review and approve of such documents, in the identification of the status of their revision and in the identification for distribution to those who have access to such documents.
The laboratory defines, in accordance with the Standard, how, and in mbr medium it shall keep its documents. According to Coutinho et al.
ISO/IEC – PDF Drive
Such systematic orientations involve: The available software offers systematic orientations to restrict access to documents. In this paper, we will begin by presenting some considerations with regards to electronic documents, and some of the characteristics of such documents. Among the advantages of computerized control is the possibility of increasing iwc productivity and competitiveness of the laboratory.
For our purposes, passwords offer the necessary level of security, which is many times greater than that which is offered by paper. In order to work with electronic documents, we need to understand the mechanism of the electronic signature. It is necessary to point out that the aim of the electronic signature is not to make the document illegible, as the content itself is not encrypted, but rather to increase the io of security of the signed document, in ieec a way so as to guarantee its confidentiality, integrity and availability.
September 05, ; Accepted: If the person opens the document as a reading-writing file, and alters it, the document could be saved using its original file name; Attribution of a password when a document is sent for revision, which prevents alterations from being made, except for commentaries or controlled alterations; Attribution of a password in order to use areas of a form, in order to create forms, which will avoid others from altering the specified sections; Attribution of a password to protect working folders and spread sheets from being altered; Attribution of a password to protect spread sheet cells, graphic data etc.
See item i ; Attending to items a to h guarantees the adequacy of markers a. A password to access isoo network environment; A password for the sharing of resources. How to cite this article. Depending on the type of security system used, there are basically two types of electronic signatures: The documents may be contained in various media: An inverse backup is normally provoked when a previous version has to be consulted, and this should be avoided.
zuthinksanhard – Abnt Nbr Iso Iec Pdf Download
More and more laboratories are substituting traditional control with electronic document control, which allows for more agility in the recovery of information. This page was last edited on 1 Marchat We will then revise requirement 4.
All the contents of this journal, except where otherwise noted, is licensed under a Creative Commons Attribution License. A system of document control must be able to generate, issue, receive, store or process information in some other manner, while at the same time trying to maintain the integrity of the documents.
It would be advisable for the document control procedure to contain, at the very least, the following information: Traditional documents shall function in the same manner: The definition of a document. In order to meet the characteristic of confidentiality, it is advisable for the laboratory to define the initial date on which the passwords become valid.