Page 7 - POLISI KESELAMATAN SIBER KESUMA V1.0

Page 7 - POLISI KESELAMATAN SIBER KESUMA V1.0 - EDARAN UMUM_07032025

P. 7

BIDANG A.8: PENGURUSAN OPERASI ..................................................................................... 69

A.8.1 Pengurusan Prosedur Operasi ....................................................................... 69

A.8.1.1 Pengendalian Prosedur....................................................................................... 69
A.8.1.2 Kawalan Perubahan ............................................................................................. 69

A.8.1.3 Perancangan Kapasiti ......................................................................................... 70
A.8.1.4 Pengasingan Kemudahan Pembangunan, Ujian dan Operasi .................. 71
A.8.2 Perisian Berbahaya (Protection from Malware) ............................................. 71

A.8.2.1 Perlindungan dari Perisian Berbahaya ........................................................... 71

A.8.3 Backup .............................................................................................................. 72

A.8.3.1 Backup Maklumat (Information Backup) ........................................................ 72
A.8.4 Log dan Pemantauan ....................................................................................... 73

A.8.4.1 Jejak Audit .............................................................................................................. 73

A.8.4.2 Perlindungan Log ................................................................................................. 74
A.8.4.3 Log pentadbir dan Operator .............................................................................. 75

A.8.4.4 Clock Synchronisation ........................................................................................ 75
A.8.5 Kawalan Perisian Operasi ............................................................................... 76

A.8.5.1 Pemasangan Perisian Pada Sistem Operasi ................................................. 76

A.8.6 Kawalan Teknikal Keterdedahan (Vulnerability) ............................................ 77

A.8.6.1 Kawalan dari Ancaman Teknikal ...................................................................... 77
A.8.6.2 Kawalan Pemasangan Perisian ......................................................................... 77

A.8.7 Pertimbangan Audit Sistem Maklumat ........................................................... 78

A.8.7.1 Pematuhan Keperluan Audit/Kawalan Audit Sistem Maklumat ............... 78
BIDANG A.9: PENGURUSAN KOMUNIKASI ............................................................................. 79

A.9.1 Pengurusan Keselamatan Rangkaian ............................................................ 79

A.9.1.1 Kawalan Infrastruktur Rangkaian ..................................................................... 79
A.9.1.2 Keselamatan Perkhidmatan Rangkaian .......................................................... 81

A.9.1.3 Pengasingan rangkaian ...................................................................................... 81
A.9.2 Pemindahan Maklumat .................................................................................... 82

A.9.2.1 Polisi dan Prosedur Pemindahan Maklumat ................................................. 82
A.9.2.2 Perjanjian Mengenai Pemindahan Maklumat ................................................ 82

A.9.2.3 Pengurusan Mel Elektronik (E-mel) ................................................................. 83
A.9.2.4 Kerahsiaan dan Non-Disclosure Agreement ................................................. 85

7 | 1 1 9

2 3 4 5 6 7 8 9 10 11 12