Questions to Gauge Security Awareness
This is my response to a post asking for high level questions to gauge
security awareness in an organization:
1. What number would you call to report a computer security incident?
2. Who is your information security officer?
3. Where are the information security policies kept?
4. Where do you save your files? (should be a network drive)
5. What actions do you take when someone leaves the team?
6. What is business continuity? How do you participate in it?
7. How do you handle, store and dispose of sensitive information?
8. What is operations security?
Kind regards,
Gideon
Gideon T. Rasmussen
CISSP, CISA, CISM, SCSA
Charlotte, NC
gideon@...
http://www.ussecurityawareness.org
http://www.gideonrasmussen.com
Posted:
Tue Jun 6, 2006 2:37 am
Copyright © 2002 - 2007 Gideon T. Rasmussen All Rights Reserved.
Legal Notices