Include a description of how the organization manages security practices in the disclosure report.
CONTROL ID 15784
CONTROL TYPE Establish/Maintain Documentation
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Include disclosures for each material topic in the disclosure report., CC ID: 15658
This Control has the following implementation support Control(s):
Include trends in the frequency of incidents in the disclosure report., CC ID: 15511
Include trends in the origination of incidents in the disclosure report., CC ID: 15512
Include trends in incident type in the disclosure report., CC ID: 15510
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
The reporting organization shall report how it manages security practices using Disclosure 3-3 in GRI 3: Material Topics 2021. (§ 1. 1.1, GRI 410: Security Practices 2016)
The identity of agency personnel, by job classification, and other agencies, persons, or categories to whom disclosures of personal information are made or to whom access to the personal information system may be granted, including the purposes of access and any restrictions on disclosure, access, a… (§ 487N-7 (b)(9), Hawaii Revised Statutes Volume 11 Chapter 487N, Security Breach of Personal Information)