4.3
Security Objectives Rationale
This section describes the rationale for security objectives. The security objectives are for upholding the
assumptions, countering the threats, and enforcing the organisational security policies that are defined.
4.3.1
Correspondence Table of Security Objectives
Table 10 describes the correspondence between the assumptions, threats and organisational security policies,
and each security objective.
T.DOC.DIS
T.DOC.ALT
T.FUNC.ALT
T.PROT.ALT
T.CONF.DIS
T.CONF.ALT
P.USER.AUTHORIZATION
P.SOFTWARE.VERIFICATION
P.AUDIT.LOGGING
P.INTERFACE.MANAGEMENT
P.STORAGE.ENCRYPTION
P.RCGATE.COMM.PROTECT
A.ACCESS.MANAGED
A.ADMIN.TRAINING
A.ADMIN.TRUST
A.USER.TRAINING
Table 10 : Rationale for Security Objectives
X
X
X
X
X
X
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Page 40 of 91
X
X
X
X
X
X
X
X
X