slider

Enter your information to begin this assessment:

Assessment Description:

How prepared are you to deal with the latest cyber threats? How secure are your systems, employees, and data? This quick assessment will help you get an idea of where you stand.
Assessment Instructions:
Fill in your information and click the "Begin Assessment" button to display the assessment form. Once submitted, a report of your results will be automatically sent to you at the email address provided.

Your Assessment:

1. Do you have a current and frequently updated inventory of all of your IT assets (hardware, software packages, licenses, agreements, etc.)?
No        Somewhat        Yes
2. Do you have a risk management plan that is regularly reviewed and updated?
No        Somewhat        Yes
3. Do you require at least annual/semi-annual security training for all employees?
No        Somewhat        Yes
4. Do you regularly receive, review and monitor threat and vulnerability information for your IT systems and software?
No        Somewhat        Yes
5. Have you identified potential business impacts of a security breach and prepared adequate mitigation strategies for them?
No        Somewhat        Yes
6. Are you actively managing employee access (both physical and virtual), identities, and credentials? For example, are you enforcing strict password policies, implementing role-based permissions for users on all systems, and utilizing strong physical protections (locks, alarms, biometrics, etc.) for critical infrastructure?
No        Somewhat        Yes
7. Do you have a robust firewall, antivirus/anti-malware, and intrusion detection/prevention systems in place?
No        Somewhat        Yes
8. Are you monitoring and controlling employee remote access (VPN, Citrix, etc.) and mobile devices that access your systems so as to prevent the transport, storage or printing of sensitive data outside of company networks?
No        Somewhat        Yes
9. Are your data and systems being securely backed up at regular intervals in geographically distinct regions and do you have a robust disaster recovery plan that is tested on a regular (at least quarterly) basis?
No        Somewhat        Yes
10. Are your un-needed data and obsolete hardware devices being destroyed or disposed of in a secure manner?
No        Somewhat        Yes
11. Do you have an active configuration management and/or change control policy for your IT systems?
No        Somewhat        Yes
12. Are you performing routine vulnerability scans and activity monitoring for all of your IT systems?
No        Somewhat        Yes
13. Do you have established incident response procedures and is your staff aware of it?
No        Somewhat        Yes
14. Are your vendors and suppliers aware of their roles and responsibilities in managing security risks with signed agreements in place?
No        Somewhat        Yes
15. Are employees and senior executives aware of their roles and responsibilities in managing security risks?
No        Somewhat        Yes
16. Do you patch and update of all of your IT systems on at least a weekly basis?
No        Somewhat        Yes
17. Are you ensuring that sensitive data "at rest" (on disk, in a database, etc.) is stored safely utilizing strong encryption as necessary?
No        Somewhat        Yes
18. Are you ensuring that sensitive data "in transit" (moving over the network or internet) is securely encrypted as necessary?
No        Somewhat        Yes
19. Do you have an up-to-date policy for personal (user-owned) device security standards (encryption, anti-virus, software, etc.) that is strictly enforced?
No        Somewhat        Yes
20. Are you routinely communicating the latest high-risk security threats and scams/phishing attempts to your employees?
No        Somewhat        Yes
 

Copyright © Netizen Corporation. All Rights Reserved.