


Expose Questionnaires .pdf


Original filename: Expose_Questionnaires.pdf

This PDF 1.5 document has been generated by , and has been sent on pdf-archive.com on 22/03/2019 at 13:11, from IP address 193.85.x.x. The current document download page has been viewed 340 times.
File size: 116 KB (1 page).
Privacy: public file






Cyber Security Questions

What information security policies are in place, including staff awareness / training / enforcement / and personal contractual obligations?

How often do you review your security policies?

What is your name and organisation?

Safeguarding Questions

What do you understand the potential threats and risks to your personnel to be?

Legal Compliance Questions

Do you have an anti-bribery and anti-corruption policy? If so, please supply a copy.

Who is responsible for establishing and maintaining the policies? e.g. Administrator, IT Manager.

What is the process for informing clients or funders in the event that you experience a security breach?

Do you employ a security or risk management officer?

What systems do you have in place to monitor threats / risk to staff on an ongoing basis?

How do you assess and monitor the threats and risks to your staff?

How often do you conduct internal reviews on their risk management and security frameworks?

Do you have a code of conduct for employees? If so, please supply a copy.

Tell us about any procedures you have in place related to gifts, hospitality, facilitation payments, vetting outside agents and advisers, and lobbying and political contributions.

Do you have written procedures available for staff and contracted consultants? If so, please provide a copy.

What training do you provide to your officers and employees?

Do you have any Information Security certifications such as ISO / IEC 27001?

How do you identify, assess and mitigate new risks, and monitor known risks?

Do you incorporate into your contracts the right to terminate employment in case of breach of data?

Do you have internal procedures to prevent bribery?

What is your process for acquiring, maintaining and disposing of hardware?

When you buy new hardware/software, do you change the default settings, such as removing default administrator accounts or changing the default password?

Do you test the security of new systems?

Do you incorporate anti-bribery and anti-corruption clauses into your commercial contracts?

If so, please provide the language that is used.

What due diligence do you conduct before entering into arrangements with other parties?

Do you have controls to prevent or reduce the ability for staff to remove information from your organisation?

Do you limit the ability of your staff to install new software?

Where do you store your data? e.g. Google Drive, on site server

How is sensitive information encrypted and/or restricted?

Have you ever faced an allegation of bribery or corruption?

Do you carry out any checks during the processing of payments?

How would you deal with an allegation of bribery or corruption?

Have you conducted a risk assessment to assess the risk of discrimination in your organisation?

Describe your method and frequency for backing up data. Is backup media encrypted?

When did you last test your backup procedures to demonstrate that data can be restored?

Do you store any backup data offsite?

If so, how is that facility secured/verified?

Do you have a written discrimination policy that is communicated to your staff? If so, please provide a copy.

Do you have a data protection officer?

Are your staff vetted according to the sensitivity of their role?

If so, how are they vetted?

Have you trained your team to ensure understanding of data protection principles, responsibilities and risks?

How do you process and store personal data?

Do you have insurance?

What is the physical security of the areas in which your servers / equipment are kept?

How is your building / office access secured?

Do you review access lists and remove access for those people who no longer need it?

How long can your systems remain active in the event of a power failure?

Have you kept a record of all data identified and documented?

How do you fact check data and information prior to publishing or sharing it?

Have you thought about liability and how to mitigate risk?

Does the organisation process personal data of children?

Do you conduct criminal records checks?

If you have a firewall set up, please describe below.

How do you monitor your network for attacks?

Do you use intrusion detection or prevention systems?

What is your procedure in the event of a security incident e.g. data breach or a cyber attack?

Do you have a system to log, manage and review security incidents?

Have you carried out any penetration testing? e.g. a consultant hacking your system to test its security

Do you use any type of encryption for data transfer or communications?

How do you ensure the correct data access is given to staff?

Do you provide WiFi access in your offices?

If so, how do you secure it?

What is your password policy? (Please mention complexity, length and change frequency)

Do you educate staff on password best practice?

If so, how?

Do you utilise two-factor authentication on any systems?

Are any of your IT systems outsourced?

If so, to whom?

Do you carry out risk assessments of any outsourced functions?

If so, how is this achieved?

If a user of a system forgets their password, what is the process for having this reset and how is this communicated to the user?

Do you delete all data when it is no longer current?

If so, please describe the process.

Are your systems and processes subject to regular internal audit?

Do you forward any donor or personal data to third parties?

If so, please describe the process.

Have you ever experienced any type of cyber breach?

Do you carry out independent external audits?

Have you ever experienced a cyber attack?

