It agrees that the protection against software maliciososeja based in the awareness of the security, the control of adequate access enos mechanisms of management of changes. One sends regards that the following controls are considered: ) the one formal politics demanding conformity with aslicenas of use of software and forbidding the use of not authorized software; b) one formal politics for protection against riscosassociados with the importation of archives and software, either of external nets or for any another way, indicating quaisas writ of prevention that must be adopted; c) installation and regular update of software dedeteco and magnetic removal of virus for the examination of computers and ways, as much of preventive form as of routine form; d) regular of software and dosdados critical analyses of the systems that support critical processes of the business. e) verification, before the use, the existence of virus to emqualquer archive in magnetic way of unknown or not authorized origin, eem any archive received from not trustworthy nets; f) verification, before the use, the existence of software maliciosoem any archive received through e-mail or imported (download). This evaluation can be made in diverse places, as, for example, in servidoresde e-mail, the personal computers or when of its entrance narede of the organization; Housekeeping Convm that is established routine procedures paraa execution of the copies of security and for the disponibilizao of the resources dereserva, as defined in the contingency strategy, of form it makes possible it restoration in skillful time, controlling and registering events and imperfections and, when necessary, monitoring the operational environment. Copies of security Agree that copies of security of the data and software essenciaisao business are made regularly. It agrees that resources and instalaesalternativos are disponibilizados of form to guarantee that all the data esistemas applicatory essentials to the business can be recouped umdesastre after or problems in medias. It agrees that individual systems are tested backupsde regularly, in way to guarantee that they satisfy business-oriented the requisitosdos plain of continuity.