WM-IT-005 Anti Virus Policy And Procedure – Docs

Revision Table

Release No.	Date	Revision Description
Rev. 0	21-MAC-2018	New Release
Rev. 1	26-SEP-2022	Amendment To Template Layout And Cover Page Amendment To Approval By Name And Position Revised, Restructure And Strengthen Existing Policy New Annual Review Section New Windows Applications
Rev. 2	25-SEP-2023	Remove Revision & Date Revised From Page 1 to 5 On Header Section Remove Next Review On Page 2 Move Approval From Page 4 To Page 5
Rev. 3	21-NOV-2023	Remove Remarks On Page 2 3.0 Annual Review – Update Annual Review To Review
Rev. 4	19-DEC-2023	Approval – Update New Layout And Move To Page 3 2.0 Review By – Move To Page 3
Rev. 5	29-NOV-2024	Revised, Restructure And Strengthen Existing Policy
Rev. 6	07-JAN-2025	Move Entire Policy To Cloud For Easy Access From Anywhere. Revised Header And Sub-Header Numbering

1. INTRODUCTION

In today’s digital landscape, cyber threats such as viruses, malware, and ransomware pose significant risks to organisations, potentially leading to data breaches, operational disruptions, and financial losses. As part of its commitment to maintaining a secure and resilient IT environment, Widetech Manufacturing Sdn Bhd has established this Anti-Virus Policy to safeguard its information systems and ensure compliance with international security standards, including the Customs Trade Partnership Against Terrorism (CTPAT) requirements.

This policy outlines the necessary guidelines and procedures to prevent, detect, and respond to malicious software threats. It applies to all employees, contractors, vendors, and third-party users who interact with the organisation’s IT resources. By enforcing strict security measures, Widetech Manufacturing Sdn Bhd aims to:

Protect Sensitive Data: Ensuring that confidential company information remains secure from cyber threats.
Maintain System Integrity: Preventing malware infections that could disrupt business operations or compromise system functionality.
Strengthen Organisational Security: Implementing proactive measures to reduce vulnerabilities and enhance IT security across all digital assets.

All users must adhere to this policy to ensure compliance and uphold the integrity of Widetech Manufacturing Sdn Bhd’s IT security framework. Failure to comply with these guidelines may result in disciplinary action or restricted access to company resources.

This document serves as a reference for understanding the roles and responsibilities of all stakeholders in maintaining cyber security within the organisation. Through collective compliance and adherence to best practices, Widetech Manufacturing Sdn Bhd will continue to foster a secure and resilient IT infrastructure.

2. SCOPE

This policy is applicable to all individuals who interact with or utilise the Information Technology resources of Widetech Manufacturing Sdn Bhd, including but not limited to employees, contractors, vendors, and third-party service providers. It encompasses any person or entity authorised to access, manage, or utilise the organisation’s technological assets.

The policy extends to all types of devices and systems, including desktops, laptops, servers, mobile devices, and other network-connected hardware that forms part of the organisation’s Information Technology infrastructure. It further includes any software applications or tools deployed to detect, prevent, and address malicious threats, such as anti-virus programs, firewalls, and intrusion detection systems.

This policy applies to all Information Technology systems and resources, regardless of whether they are located on-premises, accessed remotely, or operated via cloud-based platforms. It is designed to ensure comprehensive protection for all digital assets linked to the organisation’s network, including those owned by the company and those temporarily or permanently connected by authorised users.

The scope of this policy also includes external parties, such as vendors and contractors, whose devices must comply with the outlined security measures before accessing the organisation’s resources. By defining this broad scope, Widetech Manufacturing Sdn Bhd ensures a unified and consistent approach to Information Technology security across all levels of engagement and operation.

3. POLICY STATEMENT

Widetech Manufacturing Sdn Bhd is committed to safeguarding the security, integrity, and reliability of its information technology systems through the implementation of effective measures to prevent, detect, and mitigate threats posed by viruses, malware, and other malicious software. This policy establishes a framework of standards and practices that ensures all Information Technology resources are adequately protected against evolving cyber threats.

The organisation mandates the use of approved anti-virus software on all devices connected to its network, including but not limited to desktops, laptops, mobile devices, and servers. This software must be configured to perform real-time scanning, automatic updates, and routine security checks to ensure continuous protection.

It is the responsibility of all employees, contractors, vendors, and third-party users to comply with this policy by ensuring that their devices meet the organisation’s Information Technology security requirements. Any unauthorised tampering with, disabling of, or failure to maintain anti-virus software on devices will be treated as a violation of this policy and may result in disciplinary or contractual action.

The organisation recognises the importance of proactive measures, including regular system audits, prompt response to identified threats, and robust patch management, to ensure the safety of its Information Technology infrastructure. Widetech Manufacturing Sdn Bhd also emphasises the role of education and training, ensuring all users understand their responsibilities in maintaining a secure Information Technology environment.

By adhering to this policy, Widetech Manufacturing Sdn Bhd not only ensures compliance with Customs Trade Partnership Against Terrorism (CTPAT) requirements but also demonstrates its commitment to fostering a culture of security, trust, and accountability throughout the organisation.

4. ANTI-VIRUS SOFTWARE INSTALLATION AND MAINTENANCE

To ensure the security and integrity of Widetech Manufacturing Sdn Bhd’s Information Technology infrastructure, all endpoints—including workstations, servers, and mobile devices—must have company-approved anti-virus software installed and fully operational at all times. This software serves as a primary line of defence against viruses, malware, and other malicious threats that could compromise the organisation’s systems and data.

Anti-virus software installed on all devices must be configured to:

Update Automatically: Regular updates are crucial to protect against newly identified threats. The software must automatically download and install the latest virus definitions and patches to ensure optimal effectiveness.
Run Scheduled Scans: Anti-virus software must be set to perform full system scans at least once a week to identify and mitigate any threats that may have bypassed real-time scanning mechanisms.

To maintain compliance with this policy, any device that fails to meet the prescribed anti-virus requirements will be immediately restricted from accessing the organisation’s network. This includes devices with outdated software, disabled anti-virus features, or those that lack the required configuration.

Information Technology personnel will monitor compliance through routine system audits and automated reporting tools. Non-compliant devices will remain isolated until the necessary remediation steps have been completed, such as updating software, reconfiguring settings, or reinstalling the anti-virus application.

By enforcing these measures, Widetech Manufacturing Sdn Bhd ensures a consistent and proactive approach to Information Technology security, minimising vulnerabilities and protecting against potential cyber threats.

5. REAL-TIME PROTECTION

Real-time protection is a critical component of Widetech Manufacturing Sdn Bhd’s Information Technology security strategy, ensuring that all systems are continuously safeguarded against malicious threats as they arise. To achieve this, all anti-virus programs deployed across the organisation must have real-time scanning enabled and operational at all times.

Real-time scanning ensures that every file accessed, downloaded, or modified is immediately checked for potential threats, including viruses, malware, ransomware, and other malicious software. This functionality allows the anti-virus software to:

5.1 Detect Threat Immediately

Identify malicious files or suspicious activity the moment they occur, preventing them from causing harm to systems or spreading across the network.

5.2 Respond Proactively

Quarantine or block identified threats before they can compromise data or disrupt operations, ensuring minimal risk to the organisation’s Information Technology resources.

Real-time protection must not be disabled, paused, or tampered with by any user under any circumstances. Information Technology administrators will periodically audit devices to confirm that real-time scanning is active and functioning correctly.

By enforcing the use of real-time protection, Widetech Manufacturing Sdn Bhd strengthens its defences against cyber threats, reduces the risk of security breaches, and ensures compliance with industry best practices and regulatory standards such as the Customs Trade Partnership Against Terrorism (CTPAT).

6. THREAT DETECTION AND RESPONSE

Efficient threat detection and response are fundamental to ensuring the security and resilience of Widetech Manufacturing Sdn Bhd’s Information Technology systems. This policy outlines the procedures and responsibilities for handling malicious threats, ensuring a swift and effective resolution to minimise risks and maintain operational integrity.

6.1 Automatic Quarantine and Logging

All detected threats, including viruses, malware, and suspicious files, must be automatically quarantined by the organisation’s anti-virus software. Quarantining ensures that potential threats are isolated from the system, preventing them from spreading or causing further harm.

Additionally, every detected threat must be logged automatically. These logs should include detailed information such as:

The type of threat identified.
The affected file(s) or system(s).
The date and time of detection.
The action taken by the anti-virus software (e.g., quarantine or deletion).

Logs will be securely stored and regularly reviewed to identify patterns or recurring vulnerabilities that require attention.

6.2 Review and Response by the Information Technology Department

The Information Technology Department is responsible for promptly reviewing all detected threats and taking appropriate action based on the severity and nature of the issue. The following steps must be followed:

Initial Assessment: Analyse the logged information to understand the threat’s source, type, and potential impact.
Remediation: Determine and implement the necessary steps to remove the threat, such as deleting malicious files, restoring affected systems, or applying additional security patches.
Reporting: Document the incident, including the steps taken for resolution, and report findings to relevant stakeholders if required.

6.3 Escalation Protocols for High-Risk Threats

For threats deemed high-risk—such as those involving ransomware, advanced persistent threats (APTs), or vulnerabilities affecting critical systems—the Information Technology Department must escalate the issue in accordance with established protocols. Escalation procedures include:

Immediate Notification: Inform Information Technology Department and relevant stakeholders.
Enhanced Measures: Isolate affected systems to prevent the threat from spreading across the network.
External Support: Engage with cybersecurity experts or external consultants if the threat requires advanced expertise.

6.4 Ongoing Monitoring and Prevention

Following the resolution of any threat, the Information Technology Department will conduct a post-incident review to identify root causes and implement measures to prevent recurrence. These measures may include user training, software updates, or changes to Information Technology security configurations.

By adhering to these procedures, Widetech Manufacturing Sdn Bhd ensures a proactive and systematic approach to threat detection and response, reinforcing the organisation’s commitment to Information Technology security and compliance with CTPAT standards.

7. PATCH MANAGEMENT

Effective patch management is essential for maintaining the security and functionality of Widetech Manufacturing Sdn Bhd’s Information Technology infrastructure. This policy ensures that all anti-virus software and its associated virus definitions are consistently updated to provide protection against the latest threats, including emerging viruses, malware, and other malicious software.

7.1 Keeping Anti-Virus Software and Definitions Up-to-Date

Anti-virus software installed on all endpoints, including desktops, servers, and mobile devices, must be configured to automatically download and apply updates as they become available. These updates are critical for:

Threat Protection: Ensuring the software can detect and mitigate the most recent security threats.
Enhanced Features: Incorporating improvements to anti-virus performance and detection capabilities.
Fixing Vulnerabilities: Addressing any weaknesses in the software that could be exploited by attackers.

Failure to maintain up-to-date anti-virus software may leave systems vulnerable to attacks and compromise the organisation’s overall Information Technology security posture.

7.2 Responsibility of the Information Technology Department

The Information Technology Department is tasked with overseeing the patch management process to ensure all systems remain secure and compliant with organisational policies. Their responsibilities include:

Regular Monitoring: Verifying that automatic updates are functioning correctly and identifying any systems that have missed updates.
User Notification: If automatic updates fail or manual intervention is required, the Information Technology Department will promptly notify affected users with clear instructions on how to proceed.
Centralised Updates: For systems under centralised Information Technology management, the department will deploy updates remotely to minimise disruption to users.

7.3 User Responsibilities

All employees, contractors, and third-party users are expected to comply with the organisation’s update requirements. Users must:

Ensure their devices are connected to the network to receive automatic updates.
Follow Information Technology Department instructions in cases where manual updates are required.
Report any issues or errors encountered during the update process to the Information Technology Department without delay.

7.4 Auditing and Compliance

The Information Technology Department will perform regular audits to confirm that all anti-virus software and definitions are up-to-date across the organisation’s devices. Audit findings will be documented, and corrective actions will be implemented to address any non-compliance.

By maintaining a robust patch management policy, Widetech Manufacturing Sdn Bhd ensures its anti-virus software remains effective against evolving threats, reinforcing the organisation’s commitment to Information Technology security and compliance with CTPAT standards.

8. USER RESPONSIBILITIES

To maintain a secure Information Technology environment and protect Widetech Manufacturing Sdn Bhd’s systems from cyber threats, all users—including employees, contractors, and authorised third parties—must adhere to the following responsibilities. These responsibilities ensure the effectiveness of the organisation’s anti-virus measures and contribute to a cohesive Information Technology security framework.

8.1 Prohibition of Disabling or Tampering with Anti-Virus Software

Users must not disable, modify, or tamper with any anti-virus software or its configurations under any circumstances. This includes actions such as:

Turning off real-time scanning.
Disabling automatic updates.
Changing security settings that could reduce the effectiveness of the software.

Tampering with anti-virus software undermines the organisation’s ability to detect and respond to threats, putting systems, data, and operations at risk. Any unauthorised interference will be treated as a violation of this policy and may result in disciplinary action or revocation of access privileges.

8.2 Reporting Malware Infections

Employees and other users must remain vigilant and report any suspected malware infections or unusual system behaviour to the Information Technology Department immediately. Examples of issues to report include:

Unauthorised pop-ups, error messages, or warnings from anti-virus software.
Unexplained slow performance or unusual activity on devices.
Files or programs behaving unexpectedly or disappearing.

Timely reporting ensures the Information Technology Department can take swift action to isolate and remediate threats, minimising potential damage and preventing the spread of malware across the organisation’s network.

8.3 Adherence to Information Technology Department Instructions

Users are required to follow all guidance and instructions provided by the Information Technology Department regarding anti-virus software usage, updates, or threat management. This includes:

Allowing the installation of updates or patches.
Following procedures for malware remediation as instructed.
Cooperating during audits or investigations related to Information Technology security.

8.4 Fostering a Culture of Responsibility

All users must recognise their role in maintaining Information Technology security and act responsibly when using Widetech Manufacturing Sdn Bhd’s systems. Regular training and awareness initiatives will be conducted to educate users on recognising cyber threats and understanding the importance of compliance with this policy.

By fulfilling these responsibilities, users help protect the organisation’s Information Technology systems, data, and operations, ensuring the continued security and reliability of Widetech Manufacturing Sdn Bhd’s technological infrastructure.

9. VENDOR AND CONTRACTOR ACCESS

To maintain the integrity and security of Widetech Manufacturing Sdn Bhd’s Information Technology systems, all vendors, contractors, and third-party service providers accessing the corporate network must adhere strictly to this anti-virus policy. The following requirements and restrictions apply to ensure that external devices do not compromise the organisation’s cybersecurity.

9.1 Compliance with the Anti-Virus Policy

Any device owned or operated by vendors or contractors that requires access to the corporate network must comply fully with the organisation’s anti-virus standards. This includes, but is not limited to:

Installing and maintaining company-approved anti-virus software on their devices.
Ensuring that anti-virus software is up-to-date with the latest virus definitions and patches.
Activating real-time protection and conducting regular scans to detect and mitigate potential threats.

Compliance will be verified before granting network access, and non-compliant devices will be denied entry until they meet the required standards.

9.2 Prohibition of External Systems Without Approved Anti-Virus Software

Devices or systems that do not have approved anti-virus software installed, or fail to meet the organisation’s security requirements, are strictly prohibited from accessing company resources. This includes:

Corporate networks, servers, or databases.
Cloud-based systems and applications hosted by the organisation.
Any other Information Technology infrastructure owned or managed by Widetech Manufacturing Sdn Bhd.

Devices attempting unauthorised access may be flagged and monitored, and corrective measures will be implemented to prevent further attempts.

9.3 Information Technology Department Oversight

The Information Technology Department is responsible for ensuring that all external devices are assessed and approved before being granted network access. This includes:

Conducting security checks to verify compliance with the anti-virus policy.
Monitoring vendor and contractor activity on the network to detect any potential threats or non-compliance issues.
Providing assistance to vendors and contractors in meeting the organisation’s anti-virus requirements, if necessary.

9.4 Vendor and Contractor Agreements

All vendors and contractors must acknowledge and agree to the terms of this policy as part of their contractual agreement with Widetech Manufacturing Sdn Bhd. Breaches of this policy may result in the suspension of access privileges or termination of the contract, depending on the severity of the violation.

9.5 Promoting Collaborative Security

Widetech Manufacturing Sdn Bhd values its partnerships with vendors and contractors and encourages open communication to ensure mutual understanding and adherence to security policies. Collaborative efforts to maintain Information Technology security not only protect company resources but also strengthen relationships with external partners.

By enforcing these measures, the organisation ensures that all devices connecting to its network are secure, reducing the risk of malware infections or breaches originating from external sources. This approach reflects Widetech Manufacturing Sdn Bhd’s commitment to maintaining a robust cybersecurity framework in line with industry best practices and CTPAT requirements.

10. MONITORING AND COMPLIANCE

To ensure the effectiveness of Widetech Manufacturing Sdn Bhd’s anti-virus policy and maintain the highest level of Information Technology security, the organisation will actively monitor compliance through structured oversight, regular audits, and system health checks. Adherence to this policy is mandatory for all employees, contractors, vendors, and third-party users, with non-compliance addressed promptly and appropriately.

10.1 Information Technology Department Monitoring Responsibilities

The Information Technology Department is tasked with overseeing compliance with this anti-virus policy and will implement a range of monitoring activities, including:

Regular Audits: Scheduled audits will be conducted to evaluate the presence, functionality, and effectiveness of anti-virus software on all devices connected to the corporate network. This includes verifying that updates, real-time protection, and scheduled scans are operational.
System Health Checks: Routine health checks will be performed to ensure that all devices meet the organisation’s Information Technology security standards. Any anomalies or issues detected during these checks will be addressed immediately.
Incident Tracking: The Information Technology Department will maintain a log of any detected threats, infections, or security incidents to identify trends, recurring issues, and areas requiring improvement.

These monitoring activities ensure that the organisation’s Information Technology infrastructure remains protected against evolving cyber threats and vulnerabilities.

10.2 Addressing Non-Compliance

Non-compliance with this policy will be taken seriously and addressed promptly to minimise risks to the organisation. Actions for non-compliance may include:

Corrective Measures: Non-compliant devices will be flagged, and users will be required to take corrective actions, such as installing or updating anti-virus software, enabling real-time protection, or reconfiguring settings.
Disciplinary Action for Employees: Employees found in breach of this policy—whether through negligence or deliberate action—may face disciplinary measures, ranging from verbal warnings to suspension or termination of employment, depending on the severity of the violation.
Restrictions for Vendors and Contractors: Vendors or contractors who fail to comply with this policy may have their network access privileges revoked or restricted until compliance is achieved. Repeated violations may result in contract termination.

10.3 Encouraging Compliance

To foster a culture of compliance and accountability, the organisation will:

Provide Training and Awareness: Regular training sessions will educate users on the importance of anti-virus measures, how to comply with the policy, and the potential consequences of non-compliance.
Offer Support and Guidance: The Information Technology Department will provide assistance to users, vendors, and contractors in meeting the policy requirements, ensuring that compliance is achievable and straightforward.

10.4 Reporting and Review

The Information Technology Department will compile reports on compliance activities, audit findings, and incidents of non-compliance. These reports will be reviewed periodically by management to assess the effectiveness of the policy and identify opportunities for improvement.

By actively monitoring and enforcing compliance, Widetech Manufacturing Sdn Bhd ensures a secure and resilient Information Technology environment while demonstrating its commitment to upholding industry standards and meeting CTPAT requirements.

11. PROCEDURES

Ensuring that all devices within Widetech Manufacturing Sdn Bhd’s Information Technology infrastructure are equipped with properly installed and configured anti-virus software is a fundamental step in safeguarding the organisation’s digital assets. This process is critical for creating a secure foundation that protects against malware, viruses, and other cyber threats from the moment a device is introduced to the network.

11.1 Information Technology Department Responsibilities

Information Technology personnel are responsible for managing the installation and configuration of anti-virus software on all eligible devices, including desktops, laptops, servers, and mobile devices. This task will be carried out as part of the following processes:

Onboarding: During the onboarding of new employees, contractors, or authorised third-party users, Information Technology personnel will ensure that all devices issued by the organisation are equipped with the latest version of company-approved anti-virus software.
Device Setup: For any new or replacement devices introduced to the organisation’s network, anti-virus software must be installed and configured before the device becomes operational or gains access to corporate resources.

11.2 Installation Requirements

To maintain consistency and effectiveness, Information Technology personnel will follow these guidelines during installation:

Approved Software: Only anti-virus software that has been vetted and approved by the organisation will be used. This ensures compatibility with existing systems and adherence to Widetech Manufacturing Sdn Bhd’s security standards.
Real-Time Scanning Enabled: Anti-virus software will be configured to enable real-time scanning, ensuring that threats are detected and neutralised immediately upon detection.
Automatic Updates: The software will be set to receive and install updates automatically to maintain protection against the latest security threats.
Scheduled Scans: Information Technology personnel will configure the software to perform regular, scheduled scans, ensuring that all devices are thoroughly checked for potential vulnerabilities.

11.3 Verification and Testing

After installation, Information Technology personnel will verify that the anti-virus software is functioning correctly and has been configured according to the organisation’s policy. This includes conducting a test scan to ensure that the software detects and responds to threats as expected.

11.4 Documentation and Records

Information Technology personnel will document the installation and configuration process for each device, recording details such as the software version, configuration settings, and any issues encountered during setup. This documentation will be maintained as part of the organisation’s Information Technology records and will serve as a reference for future audits or troubleshooting.

By ensuring that all devices are equipped with properly installed and configured anti-virus software, Widetech Manufacturing Sdn Bhd establishes a robust defence against cyber threats, aligning with best practices and fulfilling its obligations under CTPAT requirements.

12. UPDATING ANTI-VIRUS SOFTWARE

Regularly updating anti-virus software and its virus definitions is essential for maintaining the effectiveness of Widetech Manufacturing Sdn Bhd’s Information Technology security systems. Updates ensure that the software remains capable of identifying and mitigating the latest threats, thereby protecting the organisation’s digital infrastructure from potential vulnerabilities.

12.1 Automatic Updates

All anti-virus software installed on the organisation’s devices must have automatic updates enabled. This ensures that:

Real-Time Protection: The software is always equipped with the latest virus definitions to identify and neutralise emerging threats.
Software Functionality: Security patches and performance enhancements are applied as soon as they are released by the software provider.

Information Technology personnel are responsible for verifying that auto-update settings are enabled during the installation and configuration process. Automated updates significantly reduce the risk of outdated software, which could leave systems vulnerable to attacks.

12.2 Manual Update Checks

While automatic updates are the primary method of maintaining up-to-date software, manual checks must be conducted as a contingency measure. Information Technology personnel will:

Perform Monthly Checks: Review the update status of all devices on a monthly basis to identify systems that may have missed automatic updates.
Manually Install Updates: Apply updates manually for any devices that have not received them automatically, ensuring no system remains unprotected.

This dual approach of automated and manual updates guarantees comprehensive coverage and minimises risks associated with technical failures or connectivity issues.

12.3 Notification to Users

In cases where manual intervention is required, Information Technology personnel will notify affected users promptly, providing clear instructions on how to install updates. Users must comply with these instructions to ensure their devices remain secure.

12.4 Monitoring and Reporting

The Information Technology Department will utilise monitoring tools to track the update status of all devices within the organisation. Reports will be generated to:

Identify patterns of update failures.
Highlight devices that require attention.
Provide insights for improving update processes.

These reports will be reviewed regularly as part of the organisation’s Information Technology compliance and security oversight.

12.5 Policy Compliance

Employees, contractors, and third-party users must not disable or interfere with the update settings of their anti-virus software. Any attempt to bypass update protocols will be treated as a violation of the organisation’s Information Technology security policy and may result in disciplinary action.

By ensuring that anti-virus software remains updated through automated and manual processes, Widetech Manufacturing Sdn Bhd reinforces its commitment to Information Technology security and compliance with industry standards, including CTPAT requirements. This proactive approach mitigates risks and enhances the organisation’s resilience against cyber threats.

13. HANDLING INFECTIONS

Addressing and mitigating the impact of malicious software infections is a critical part of maintaining the security and integrity of Widetech Manufacturing Sdn Bhd’s Information Technology systems. This policy outlines the procedures for managing detected threats effectively, ensuring minimal disruption to operations while safeguarding sensitive data and network resources.

13.1 Automatic Quarantine of Detected Threats

All detected threats, including viruses, malware, and other suspicious files, will be quarantined automatically by the organisation’s anti-virus software. Quarantining ensures that:

Immediate Containment: The infected file or program is isolated, preventing it from interacting with other files or systems.
Risk Mitigation: Potential damage to the system or network is minimised by halting the threat’s activity.

Quarantined files are stored in a secure, restricted area where they cannot cause harm, allowing Information Technology personnel to safely analyse and address the issue.

13.2 Analysis and Response by Information Technology Personnel

The Information Technology Department is responsible for reviewing all quarantined files to assess the nature and severity of the threat. The analysis process includes:

Identifying the Source: Determining how the threat entered the system (e.g., email attachment, website, or external device).
Evaluating the Impact: Assessing the potential damage the threat could cause, such as data corruption, unauthorised access, or operational downtime.
Determining the Best Course of Action: Depending on the severity of the threat, actions may include deleting the infected file, restoring affected systems, or applying additional security patches.

For low-risk threats, Information Technology personnel may clear the file after verifying that it poses no harm. High-risk threats will be escalated according to established protocols for further action.

13.3 Isolation of Affected Systems

In cases where an infection is identified, and there is a risk of the threat spreading, affected systems will be immediately isolated from the network. Isolation procedures include:

Disabling Network Access: Temporarily disconnecting the device from the corporate network to prevent the spread of malware.
Preventing Further Infection: Ensuring other systems remain unaffected while the issue is being addressed.

Once the threat has been neutralised, the system will be reintegrated into the network after thorough testing and verification.

13.4 Documentation and Reporting

All incidents involving malware infections will be documented by the Information Technology Department, including:

A description of the detected threat.
Actions taken to resolve the issue.
Steps implemented to prevent recurrence.

Incident reports will be shared with senior management and used to refine Information Technology security policies and processes.

13.5 User Education and Prevention

Following an infection, Information Technology personnel may provide additional training to users involved to reduce the likelihood of future incidents. This may include:

Recognising phishing attempts or suspicious emails.
Safely handling external devices and media.
Adhering to Information Technology security best practices.

By adhering to these procedures for handling infections, Widetech Manufacturing Sdn Bhd ensures a robust response to threats, minimising potential risks and maintaining compliance with CTPAT and other security standards.

14. AUDITING AND REPORTING

Regular auditing and comprehensive reporting are essential components of Widetech Manufacturing Sdn Bhd’s approach to Information Technology security. These practices ensure compliance with anti-virus policies, identify vulnerabilities, and facilitate continuous improvement in safeguarding the organisation’s Information Technology systems against threats.

14.1 Quarterly Audits of Anti-Virus Compliance

The Information Technology Department will carry out quarterly audits to assess compliance with the organisation’s anti-virus policy. These audits will include:

Verification of Software Deployment: Ensuring that all eligible devices have the organisation’s approved anti-virus software installed.
Evaluation of Software Performance: Confirming that features such as real-time protection, scheduled scans, and automatic updates are functioning as intended.
Compliance Check for External Devices: Reviewing devices used by vendors, contractors, and third-party users to verify that they meet the organisation’s anti-virus standards.

Audits will also involve monitoring for any unauthorised changes to software settings and identifying devices that have failed to update or run scans.

14.2 Documentation of Audit Results

The findings of each audit will be meticulously documented, including:

A summary of compliance levels across the organisation.
Details of any non-compliant devices or systems, along with reasons for non-compliance.
Recommended corrective actions to address identified gaps or vulnerabilities.

14.3 Incident Reporting

In addition to regular audits, all incidents involving detected threats or infections will be reported. These reports will include:

The type and severity of the threat.
Actions taken to resolve the issue.
The potential impact on the organisation’s operations and data security.

Incident reports serve as a valuable resource for understanding trends, identifying recurring vulnerabilities, and developing strategies to prevent future threats.

14.4 Management Review and Feedback

Audit results and incident reports will be shared with senior management to provide a comprehensive overview of the organisation’s Information Technology security posture. This review process ensures that:

Strategic Decisions: Management is equipped with the information needed to allocate resources effectively and prioritise Information Technology security initiatives.
Policy Updates: Feedback from management may inform updates to existing policies, ensuring they remain relevant and effective in addressing evolving threats.
Accountability: A clear record of audits and incidents reinforces accountability at all levels of the organisation.

14.5 Continuous Improvement

Insights gained from audits and reports will be used to refine Information Technology security processes and anti-virus measures. The Information Technology Department will implement lessons learned to enhance compliance, improve threat detection, and reduce risks.

By conducting regular audits and maintaining thorough reporting practices, Widetech Manufacturing Sdn Bhd ensures a proactive approach to Information Technology security, fostering a culture of compliance and accountability. This commitment aligns with industry best practices and supports the organisation’s adherence to CTPAT requirements.

15. EMPLOYEE TRAINING

Employee training is a vital component of Widetech Manufacturing Sdn Bhd’s Information Technology security strategy. Ensuring that employees are knowledgeable about malware threats and their role in safeguarding the organisation’s Information Technology systems not only reduces vulnerabilities but also fosters a culture of accountability and awareness.

15.1 Annual Training Sessions

The organisation will conduct comprehensive training sessions for all employees on an annual basis. These sessions will focus on:

Recognising Malware Threats: Employees will be taught how to identify common signs of malware infections, including:

Unexpected pop-ups or error messages.
Suspicious email attachments or links.
Unusual device behaviour, such as slow performance or unauthorised activity.
Avoiding Risky Behaviour: Guidance on safe internet browsing, email handling, and the responsible use of removable media (e.g., USB drives) will be provided to minimise the likelihood of malware infections.

15.2 Understanding Employee Responsibilities

Training will emphasise the critical role employees play in maintaining Information Technology security. Key responsibilities include:

Adhering to Policies: Employees must comply with anti-virus policies, including keeping software updated and not disabling real-time protection.
Reporting Issues: Employees will learn how to promptly report suspected malware infections or other security concerns to the Information Technology Department.
Collaborating with Information Technology Personnel: Understanding and cooperating with Information Technology instructions during threat remediation or compliance checks.

15.3 Interactive Learning

To enhance engagement and retention, training sessions will incorporate interactive elements such as:

Scenario-Based Exercises: Practical examples of phishing attempts, ransomware attacks, and other threats to help employees apply their knowledge in real-world situations.
Quizzes and Assessments: Periodic evaluations to measure understanding and reinforce key concepts.

15.4 New Employee Onboarding

In addition to annual training, all new employees will receive Information Technology security training as part of their onboarding process. This ensures that every team member is equipped with the knowledge and skills necessary to contribute to a secure Information Technology environment from the outset.

15.5 Ongoing Awareness Initiatives

To supplement formal training, the organisation will implement ongoing awareness initiatives throughout the year, such as:

Regular Updates: Sharing newsletters, email alerts, or intranet posts highlighting new threats and best practices.
Workshops and Refresher Courses: Offering optional sessions for employees to deepen their understanding of specific Information Technology security topics.

15.6 Monitoring and Evaluation

The effectiveness of training programmes will be assessed through:

Feedback from Participants: Collecting input from employees to identify areas for improvement.
Compliance Audits: Measuring adherence to Information Technology security policies as a reflection of training success.

15.7 Commitment to Continuous Improvement

The training content and methods will be reviewed annually to ensure they remain up-to-date with the latest threats, trends, and technologies.

By providing comprehensive and engaging training, Widetech Manufacturing Sdn Bhd empowers employees to recognise and respond to malware threats effectively, strengthening the organisation’s overall Information Technology security and supporting compliance with CTPAT requirements.

16. ENFORCEMENT

To ensure the effectiveness of Widetech Manufacturing Sdn Bhd’s anti-virus policy and maintain a secure Information Technology environment, strict enforcement measures will be applied. Compliance with this policy is mandatory for all employees, contractors, vendors, and third-party users. Failure to adhere to the outlined standards and procedures may result in serious consequences.

16.1 Dicilplinary Action for Employees

Employees found in violation of this policy, whether through negligence or deliberate action, may face disciplinary measures. These measures will be determined based on the severity and nature of the violation and may include:

Verbal or Written Warnings: For minor infractions or first-time violations.
Suspension: Temporary removal from duties to address and rectify non-compliance.
Termination of Employment: In cases of severe or repeated violations, particularly those that compromise the security of the organisation’s Information Technology systems or data.

Disciplinary actions will be administered in accordance with the organisation’s HR policies and employment agreements, ensuring fairness and transparency.

16.2 Consequences for External Vendors and Contrators

Vendors, contractors, and third-party service providers who fail to comply with this policy will face immediate restrictions on their access to company resources. Specific consequences may include:

Revocation of Access Privileges: Devices or systems that do not meet the anti-virus standards will be disconnected from the corporate network until compliance is achieved.
Contract Suspension or Termination: Non-compliance that poses a significant risk to the organisation’s Information Technology security or demonstrates a lack of commitment to agreed-upon standards may result in the suspension or termination of contractual agreements.

These measures are intended to safeguard the organisation’s Information Technology infrastructure while maintaining accountability among external partners.

16.3 Incident Review and Accountability

Violations will be thoroughly investigated to determine the cause and extent of the issue. The review process will include:

Incident Analysis: Identifying how the violation occurred and its impact on the organisation’s Information Technology systems.
Corrective Measures: Implementing solutions to address vulnerabilities and prevent future violations.
Individual Accountability: Ensuring that individuals or entities responsible for the violation are held accountable.

16.4 Education and Remediation

Where appropriate, the organisation may provide additional training or support to help violators understand their responsibilities and comply with the policy. This approach aims to reduce future non-compliance while reinforcing a culture of security awareness.

16.5 Zero Tolerance for Willful Misconduct

Intentional tampering with anti-virus software, deliberate breaches of the policy, or actions that endanger the organisation’s Information Technology security will be met with zero tolerance. Such conduct is considered a serious offence and will be addressed accordingly.

16.6 Communication of Policy Enforcement

The enforcement measures outlined in this policy will be clearly communicated to all employees, contractors, and vendors to ensure understanding and alignment with organisational expectations.

By enforcing this policy consistently and fairly, Widetech Manufacturing Sdn Bhd underscores its commitment to Information Technology security and the protection of its systems, data, and operations. This approach aligns with best practices and ensures compliance with CTPAT and other relevant standards.