Online Information Risk Review

Free Resources

Assess your risk

TEMP SCORE

How secure is your business information?

Answer these 12 questions and find out where the principal information risks lie within your business.

If you would like a personalised information risk report please leave your email at the end. Your report will include tips on where to focus your efforts to manage your information risks and strengthen your business for the future.

Question 2

Do you know what information you depend on and where it is?

Yes we do Yes we do but I suspect it may be out of date We have carried out a data audit in the past but it needs to be done again We are planning to have a data audit carried out

Question 3

Do you have a company wide Information Security Policy?

Yes One is being developed We are thinking about it

Question 4

Do you carry out regular risk assessments?

Yes Yes we carry out risk assessment but they may not be regular We have carried out a risk assessment in the past We haven’t carried out any risk assessments yet

Question 5

Do you apply appropriate controls to protect personal information in accordance with current legislation?

Yes we do Yes we do but I could not swear that all of the controls are effective We try to protect all of our personal information We are planning to review our management of personal information

Question 6

Do you provide guidance to employees on information security?

Yes Yes but only key staff We have a policy but it is not always carried out by managers We don’t quite get around to it

Question 7

Have you implemented detection and prevention controls to protect against malicious software?

Yes, we have We have partial coverage but some areas are difficult to deal with We have a malware policy for protecting our critical systems We don’t really have a policy but the IT people do something

Question 8

Are all of your system changes managed within a formal change control process?

Yes, we have All of our critical changes are controlled but the overhead is too great for all changes to be covered We haven’t got around to formalising our change control yet

Question 9

Do you keep audit logs for all security-relevant events?

Yes, we do We do log a number of security related events but not as many as we would like We do audit but we don’t have enough space and the logs are overwritten quite quickly We haven’t got around to sorting out our auditing system yet

Question 10

Does your network team carry out regular vulnerability testing?

Yes, they do We try to but there is a high turnover of staff We have a policy of not checking on our staff

Question 11

Is redundant media and equipment with storage capability securely disposed of when no longer required

Yes, it is We try to but there are always things that slip through the net We don’t have a central policy, parts of the business do their own thing We like to let the staff have first refusal on all equipment and we trust them

Question 12

Does your business have a Contingency Planning process?

Yes, we have We have a process but I am not convinced of its effectiveness We have some contingency but it is sporadic We are always too busy to really get to grips with contingency

Your result was

Well done! You are in the top echelons of effective information risk management. Your organisation should be relatively risk free. If you ever need an expert second opinion please give us a call.

A creditable performance with a significant number of information risks well managed. There are still a few issues that you may need a hand with. If you want to talk these through give us a call. We’d love to help.

It is very honest of you to realise that you are experiencing some significant information risk issues. Talk to us and we will see what we can do to help you to reduce your risks.

Would you like your results emailed directly to you for further reference? Simply enter your email address below. We take your privacy seriously and will never share your details.

Warning: require_once() [function.require-once]: URL file-access is disabled in the server configuration in /home/ascentor/public_html/wp-content/themes/satorii/risk_review.php on line 247

Warning: require_once(http://www.ascentor.co.uk/inc/store-address.php) [function.require-once]: failed to open stream: no suitable wrapper could be found in /home/ascentor/public_html/wp-content/themes/satorii/risk_review.php on line 247

Fatal error: require_once() [function.require]: Failed opening required 'http://www.ascentor.co.uk/inc/store-address.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/ascentor/public_html/wp-content/themes/satorii/risk_review.php on line 247