Professional Documents
Culture Documents
e-Governance
Draft
Document Control
S/L
Type of Information
1.
Document Title
2.
3.
4.
5.
6.
7.
8.
Document Code
Date of Release
Next Review Date
Document Revision Number
Document Owner
Document Author(s)
Document Reference
Document Data
e-Gov Contact with Special interest group
and authorities guidelines
GL_eGov_CWSIG
DietY
Document Approval
Sr. No.
Document Approver
Approver Designation
Approver E-mail ID
Nature of Change
Date of Approval
Page 2 of 89
1.
IN TR O D UC T IO N ................................................................................................................................... 4
2.
SCOPE ................................................................................................................................... 4
3.
PURPOSE ............................................................................................................................ 45
4.
4.1
4.2
4.3
5.
6.
REF ER E NC E ........................................................................................................................................... 8
Page 3 of 89
In the world of fast changing technology it becomes essential for an organization to keep
updated itself regarding latest technology, security threats and vulnerabilities. It becomes
essential for CISO to maintain appropriate contact with special interest groups and authorized
information security forums for receiving and distributing the updates on new vulnerabilities,
security threats, regulations
2. SCOPE
These guidelines are applicable to State Data Centre and Disaster recovery site, and SWAN. It is
also applicable to CISO who will be responsible for maintaining contacts with Special Interest
Groups in the interest of e-Gov service deliverys security posture.
3. PURPOSE
Page 4 of 89
Contact person;
Address of authority;
This list should be updated by data centre head and Legal and Regulatory Function respectively
as and when any changes are made.
Page 5 of 89
Data centre head should designate one person at each location as a contact person
who can be contacted in case of any emergency. Additionally, one more person
should be designated as contact person who can be contacted in case the first
person is unavailable.
Data centre head should circulate the telephone numbers of both contact person to
all users and keep them updated of any changes.
In case of an emergency, all users should contact the contact person and inform
about the incident.
The contact person should establish contact with the relevant authority and inform
the incident mentioning location and nature of the incident.
The Contact person should assist the authority staff in handling the situation.
Data centre head should appoint a Single Point of Contact (SPOC) to maintain
contact with HOD of User Departments for clarification, approvals and any changes/
updates in laws or regulations.
SPOC should intimate all functions within e-Gov service delivery regarding any
changes in laws and regulations.
Page 6 of 89
The CISO shall maintain contacts with the following special interest groups, but not limited to:
Application Vendors: Contacts with vendors for application used within state Data
centre. Environment should be maintained to ensure latest threats and
vulnerabilities applicable to these applications are addressed.
CISO shall be associated with the above companies/ institutions with an objective to:
Page 7 of 89
Receive early warnings of alerts, advisories, and patches pertaining to attacks and
vulnerabilities;
CISO shall appoint SPOC for contacting special interest groups. SPOC shall
Update CISO fortnightly on latest security threats, vulnerabilities and latest updates.
6. REFERENCE
ISO 27001/IEC 27001:2013 information security standard:
Page 8 of 89