|
|
|
|
@ -48,6 +48,7 @@ a:hover {
|
|
|
|
|
<body lang="en-GB">
|
|
|
|
|
|
|
|
|
|
<ul class="change">
|
|
|
|
|
<li> 20100513: With some consensus from policy group, changed the text in 2.2.1.1 to transfer the detailed handling of pre-purchase risks to SM.</li>
|
|
|
|
|
<li> 20100512: Some clarifying tweaks to semantics supplied by Philipp G, added Arb as a role in 9.1.1. but not as critical role. </li>
|
|
|
|
|
<li> 20100511: Introduced "Board" term, tightened "approval" semantics, s/wiped/erased/, slight semantic tweaks. </li>
|
|
|
|
|
<li> 20100502: Made 7.3 blank, "refer to SM" </li>
|
|
|
|
|
@ -281,7 +282,12 @@ Machines shall be housed in secured facilities (cages and/or locked racks).
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h4 id="s2.2.1.1">2.2.1.1 Acquisition </h4>
|
|
|
|
|
<p>
|
|
|
|
|
<p class="change">
|
|
|
|
|
Equipment for critical purposes should be acquired
|
|
|
|
|
in a way to minimise pre-acquisition security risks.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<p class="strike">
|
|
|
|
|
Acquisition of new equipment that is subject to a
|
|
|
|
|
pre-purchase security risk must be done from a
|
|
|
|
|
vendor that is regularly and commercially in business.
|
|
|
|
|
|
Ian Grigg
14 years ago