Section 19(2) in Rajasthan Bhamashah (Direct Transfer of Public Welfare Benefits and Delivery of Services) Rules, 2018
(2)Such information security policy may provide for,-(a)identifying and maintaining an inventory of assets associated with the information and information processing facilities;(b)implementing controls to prevent and detect any loss, damage, theft or compromise of the assets;(c)allowing only controlled access to confidential information;(d)implementing controls to detect and protect against virus/malwares;(e)a change management process to ensure information security is maintained during changes;(f)a patch management process to protect information systems from vulnerabilities and security risks;(g)a robust monitoring process to identify unusual events and patterns that could impact security and performance of information systems and a proper reporting and mitigation process;(h)partitioning of BRDH net work into zones based on risk and trust;(i)deploying necessary technical controls tor protecting BRDH network;(j)service continuity in case of a disaster;(k)monitoring of equipment, systems and networks;(l)measures for fraud prevention and effective remedies in case of fraud;(m)requirement of entering into non-disclosure agreements with the personnel;(n)provisions for audit of internal systems and networks;(o)restrictions on personnel relating to processes, systems and networks;(p)inclusion of security and confidentiality obligations in the agreements or arrangements with the agencies, consultants, advisors or other persons engaged by the Authority.
