Risk Assessment Checklist

Risk Assessment Check List
Information Security Policy
1.
Information security policy document
Does an Information security policy exist, which is approved by the management, published and
communicated as appropriate to all employees?
Does it state the management commitment and set out the organizational approach to
managing information security?
2. Review and Evaluation
Does the Security policy have an owner, who is responsible for its maintenance and review
according to a defined review process?
Does the process ensure that a review takes place in response to any changes affecting the
basis of the original assessment, example: significant security incidents, new vulnerabilities or
changes to
organizational or technical structure?
Organizational Security
Information security infrastructure
1. Allocation of information security responsibilities
a. Are responsibilities for the protection of individual assets and for carrying out specific
security processes clearly defined?
2. Co-operation between organizations
a. Are the appropriate contacts with law enforcement authorities, regulatory bodies, utility
providers, information service providers and telecommunication operators maintained to
ensure that appropriate action can be quickly taken and advice obtained, in the event of an
incident?
3. Independent review of information security
Page 1/9
Free Download

Risk Assessment Checklist PDF

Favor this template? Just fancy it by voting!
  •  
  •  
  •  
  •  
  •  
(0 Votes)
0.0
Related Forms
  •  
  •  
  •  
  •  
  •  
4 Page(s) | 5377 Views | 302 Downloads
  •  
  •  
  •  
  •  
  •  
2 Page(s) | 1963 Views | 40 Downloads
  •  
  •  
  •  
  •  
  •  
2 Page(s) | 2318 Views | 73 Downloads
  •  
  •  
  •  
  •  
  •  
5 Page(s) | 3012 Views | 46 Downloads
  •  
  •  
  •  
  •  
  •  
4 Page(s) | 2068 Views | 41 Downloads