Table 15: Organizational Security Policies - Xerox WorkCentre 5845 User Information

3.4. Organizational Security Policies
This section describes the Organizational Security Policies (OSPs) that apply
to the TOE. OSPs are used to provide a basis for security objectives that are
commonly desired by TOE Owners in this operational environment, but for
which it is not practical to universally define the assets being protected or the
threats to those assets.
Name
P.USER.AUTHORIZATION
P.SOFTWARE.VERIFICATION
P.AUDIT.LOGGING
P.INTERFACE.MANAGEMENT
Copyright
Xerox Multi-Function Device Security Target

Table 15: Organizational Security Policies

Definition
To preserve operational accountability and security,
Users will be authorized to use the TOE only as
permitted by the TOE Owner.
To detect corruption of the executable code in the
TSF, procedures will exist to self-verify executable
code in the TSF.
To preserve operational accountability and security,
records that provide an audit trail of TOE use and
security-relevant events will be created, maintained,
and protected from unauthorized disclosure or
alteration, and will be reviewed by authorized
personnel.
To prevent unauthorized use of the external
interfaces of the TOE, operation of those interfaces
will be controlled by the TOE and its IT
environment.
24

2013 Xerox Corporation. All rights reserved.