|
|
Questions to Gauge Security Awareness
This is my response to a post asking for high level questions to gauge
security awareness in an organization:
1. What number would you call to report a computer security incident?
2. Who is your information security officer?
3. Where are the information security policies kept?
4. Where do you save your files? (should be a network drive)
5. What actions do you take when someone leaves the team?
6. What is business continuity? How do you participate in it?
7. How do you handle, store and dispose of sensitive information?
8. What is operations security?
Kind regards,
Gideon
Gideon T. Rasmussen
CISSP,
CISA,
CISM,
SCSA
Charlotte, NC
http://www.virtualcso.com
http://www.infosecresources.com
http://groups.yahoo.com/group/insider-threat
Posted:
Tue Jun 6, 2006 2:37 am
|
|
|
|
|