Interconnection Security Agreement (ISA)
- What are the IHS security training requirements?"
All IHS information system users must take annual security and privacy training in order to fulfill federal mandates and regulations.
- Are any data services offered by IHS such as off line backup or use auditing as required in the "Interconnection Security Agreement"?
- We have a backup and recover system - is this good enough or is there some specific standard needed to comply with the ISA?
- How do you suggest we audit/monitor our users? What software should we use and who pays for the software?
- Where do we find the security awareness training site? How is it used? Is this a web site? Is it a paper test?
- Do you have examples of the disaster recovery plan or the security plan so we have some idea what it should look like?
- Our site hosts our own RPMS database - do we still need to sign an Interconnection Security Agreement?