4.3
Security Objectives Rationale
This section describes the rationale for security objectives. The security objectives are for upholding the
assumptions, countering the threats, and enforcing the organisational security policies that are defined.
4.3.1
Correspondence Table of Security Objectives
Table 11 describes the correspondence between the assumptions, threats and organisational security policies,
and each security objective.
T.DOC.DIS
T.DOC.ALT
T.FUNC.ALT
T.PROT.ALT
T.CONF.DIS
T.CONF.ALT
P.USER.AUTHORIZATION
P.SOFTWARE.VERIFICATION
P.AUDIT.LOGGING
P.INTERFACE.MANAGEMENT
P.STORAGE.ENCRYPTION
P.RCGATE.COMM.PROTECT
A.ACCESS.MANAGED
A.ADMIN.TRAINING
A.ADMIN.TRUST
A.USER.TRAINING
Table 11 : Rationale for Security Objectives
X
X
X
X
X
X
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Page 42 of 93
X
X
X
X
X
X
X
X
X