Directory of VolunteerMatch Security Policies and Standards

Directory of VolunteerMatch Security Policies and Standards

 

Document Number

Policy Document

Last Approval Date

Description

VM-SP-550-10

VolunteerMatch Acceptable Use Policy 

8/29/2019

Policy providing requirements for managing risks associated with the acceptable use of information and information resources.

VM-SP-550-20

VolunteerMatch Access Control Policy

8/29/2019

Policy to ensure that only appropriate access to perform a job role or function is provided to VolunteerMatch information, information resources, and information systems.

VM-SP-550-50

VolunteerMatch Data Classification Policy

8/29/2019

Policy establishing requirements to ensure that all information possessed by VolunteerMatch is protected in an appropriate manner against misuse and harm, and is safeguarded against the risks associated with inappropriate distribution and mismanagement. This document defines a conceptual model for viewing the sensitivity of information as well as required methods for protecting information based on its sensitivity classification.

VM-SP-550-60

VolunteerMatch Exception Management Policy

8/29/2019

Policy establishing requirements for Exception Request and Approval Processes to be followed by VolunteerMatch users to document exceptions or variance to VolunteerMatch Information Security Policies and Standards.

VM-SP-550-70

VolunteerMatch IT Risk Management and Compliance Policy

8/29/2019

Policy providing requirements for managing IT risks and compliance with applicable legal, regulatory, statutory security requirements and contractual obligations.

VM-SP-550-110

VolunteerMatch Third Party Risk Management Policy

8/29/2019

Policy defining requirements for regulating, monitoring and evaluating the third parties who are granted access to VolunteerMatch’s information or information processing facilities.

VM-SP-550-140

VolunteerMatch Acceptable Encryption Policy

8/29/2019

Policy that limit the use of encryption to those algorithms that have received substantial public review and have been proven to work effectively.

VM-SP-550-150

VolunteerMatch Data Retention Policy

8/29/2019

Policy that defines retention periods for any user originated data.



Document Number

Standards Documents

Activity Dates

Description

VM-SP-550-30

VolunteerMatch Application Development Standard

8/29/2019

Standard for application development, addressing specific security controls and protections that should be integrated into all application and supporting infrastructure from their inception and throughout the development lifecycle.

VM-SP-550-40

VolunteerMatch Security Incident Response Standard

8/29/2019

Standard defining requirements that will apply to preparation for and response to security incidents.  These requirements govern guidelines for system design,and standard operating procedures for incident response.

VM-SP-550-80

VolunteerMatch Network and Wireless Security Standard

8/29/2019

Standard addressing the general security control requirements that are applicable to the protection of the VolunteerMatch network including wireless network in order to protect VolunteerMatch’s information assets from unauthorized access and disclosure.

VM-SP-550-90

VolunteerMatch Password Management Standard

8/29/2019

Standard defining requirements for managing risks associated with password management and provides user guidelines for passwords.

VM-SP-550-100

VolunteerMatch Systems and Mobile Device Security Standard

8/29/2019

Standard addressing security control requirements applicable to the protection of Information Systems which includes Servers, Workstations and Mobile Computing Devices. This Standard also covers various risks associated with the use of Mobile Computing Devices.

 

Miscellaneous Documents

 

Regulatory Compliance - Applicability Matrix

Inventory of regulatory requirements applicable to VolunteerMatch operations

Privacy Policy

https://www.volunteermatch.org/legal/privacy.jsp

Terms of Use

https://www.volunteermatch.org/legal/terms.jsp



 

Was this article helpful?
0 out of 0 found this helpful