IT-Security: The Legal Stuff

These are just some notes I took. I have no idea, please leave me alone.

Bids

Note: Some of these seem like duplicates and are super weirdly phrased. I think this is due to legal jargon that has some reason or another.

• Access Control: Access to data processing facilities used to process personal data must be denied to unauthorized persons.
• Storage Medium Control: Prevent reading, copying, modifying, and the removal of storage mediums.
• Storage Control: Preventing unauthorized input, access, modification, or deletion of stored personal data.
• User Control Preventing the use of data transmission equipment by unauthorized persons.
• Access Control: Users may only access data in accordance with their access permissions.
• Transmission Control: Determining whether and to which entities personal data may be transmitted.
• Input Control: It must be possible to determine what data is entered into the data processing system, when, and by whom.
• Organizational Control: Organize the responsible body in a manner that ensures compliance with data protection requirements.