Level 2 Supporting Policies
      Back to home
      1. HealthSafe Help Center
      2. HS ISO27001 Documents
      3. Level 2 Supporting Policies

      11. Healthsafe Internet Connectivity



      INTERNET CONNECTIVITY MANAGEMENT POLICY



      Document Identification 

      HSNZ/POL/11

      Document Name

      Internet Connectivity Management Policy

      Master Copy

      CISO

      Version Number

      1.2

      Date Of Release 

      15 Aug 2023

      Prepared By

      Eparama Tuibenau

      CISO

      Approved by

      Kevin McAfee

      Managing Director

       


      VERSION HISTORY


      Sl No

      Version No.

      Prepared by

      Approved by

      Description of Version

      Date

      Reason for Version Change

      From

      To

      1

      1.0

      -

      CISO

      MD

      First Release

      14 Apr 2020 

      No changes made

      1

      1.0

      1.1

      CISO

      MD

      Updated

      24 Jun 2021 

      Modifications due to changes in HealthSafe

      1

      1.1

      1.2

      CISO

      MD

      Reviewed

      15 Aug 2023 

      Reviewed

      DOCUMENT STATUS


      Date

      Document Status

      14 Apr 2020

      Modified

      24 Jun 2021

      Reviewed
      15 Aug 2023 Current


      Table of Contents

      1 Purpose


      2 Scope


      3 Input


      4 Output


      5 Interacting Process


      6 Abbreviations, Acronyms and Definitions


      7 Procedure


      8 Monitoring the Process


      9 Records






      1. PURPOSE
        The purpose of this document is to establish and maintain a policy for internet connectivity management for HealthSafe NZ.

      2. SCOPE
        These procedures applies to all aspects of Internet Connectivity Management  Policy

      3. ABBREVIATIONS, ACRONYMS AND DEFINITIONS

      Abbreviation

      Description

      IT

      Information Technology Department

      TL/PM

      Team Lead / Project Manager

      CISO

      Chief Information Security Officer

      OPS

      Operations

      4 INPUT

      • Required Software

      5 OUTPUT

      • Improved cyber safety for HealthSafe Employees and Contractors

      6 INTERACTING PROCESS

      • Internet Service Provider(s), Employees, Contractors, CISO

      7 PROCEDURE


      1. IT team will continuously monitor internet connectivity via BitNinja and AWS Security Hub cyber tools.
      2. IT team will maintain the Outage Log for internet connectivity downtime to our AWS server.
      3. When there is a server outage, the IT team will communicate to all staff through email or Slack.
      4. CISO makes contact with the AWS Account Manager to notify of the outage.
      5. Incident report is prepared, corrective and preventive measures are recorded and implemented.
      6. IT will email everyone as soon as the outage has been resolved.
      7. OPS notify the affected clients.

      8 MONITORING THE PROCESS

      • Internet/system outage is not exceeding 48 hours in a year.  
      • Monitor the internet/system usage outage activity process by keeping a log outage being detected, log of email or Slack notification sent after outage detection, time to escalate and resolve outage, and log of outage resolution email or Slack notification.

      9 RECORDS

      • Outage Log
      • Incident Report
      • Emails/Slack notifications
      • Escalation Reports