Written Assignment #1 1
Written Assignment #1
Checklist for pending audit
, Written Assignment #1 2
1. Vulnerability scanning or penetration testing
2. current network architecture meets the company need.
3. Remote access to other networks with 2-factor authentication
4. Person is allotted to the security who is separate from IT department
5. IT Policies are updated.
6. networks or operating systems are completely up to date.
7. disaster recovery is kept in mind before migrating and same with business
continuity plans.
8. centralized log management is up to date.
9. Intrusion prevention system is installed and management is considered before
using it.
10. Test each plan and keep them up to date.
11. Sufficient information loss prevention systems to save data.
Questions
1. Are employees have a right to access organisational private information outside
the company?
2. Is organisation being at the risk of any kind such as viruses?
3. What areas of organisation is under the risk?
4. Does the Organization have dedicated IT Staff?
5. Are there formal change management procedures?
6. Is there any strategic IT plan for the company based on Business needs?
7. Are there measures to update strategic IT plan?
8. Whether password policy exists or not?
9. Is remote access available to the company’s data?
Written Assignment #1
Checklist for pending audit
, Written Assignment #1 2
1. Vulnerability scanning or penetration testing
2. current network architecture meets the company need.
3. Remote access to other networks with 2-factor authentication
4. Person is allotted to the security who is separate from IT department
5. IT Policies are updated.
6. networks or operating systems are completely up to date.
7. disaster recovery is kept in mind before migrating and same with business
continuity plans.
8. centralized log management is up to date.
9. Intrusion prevention system is installed and management is considered before
using it.
10. Test each plan and keep them up to date.
11. Sufficient information loss prevention systems to save data.
Questions
1. Are employees have a right to access organisational private information outside
the company?
2. Is organisation being at the risk of any kind such as viruses?
3. What areas of organisation is under the risk?
4. Does the Organization have dedicated IT Staff?
5. Are there formal change management procedures?
6. Is there any strategic IT plan for the company based on Business needs?
7. Are there measures to update strategic IT plan?
8. Whether password policy exists or not?
9. Is remote access available to the company’s data?
