Initial review questions

Prior to viewing this section, here is a quiz to determine the relevance of the section to you or your business:

1.      Is information security management relevant to your business?

2.      Do you have an organisation information security policy?

3.      Who in your organisation management has the greatest impact on the management of information security?

4.      How do you monitor and manage security issues?

5.      Do you have an information classification structure designed to identify and protect valuable information in your organisation?

6.      User training is an essential component of information security management. How do you train your staff?

7.      What levels of access control would be of most value to your business, how do you set and monitor them?

8.      Do you have Business Continuity Plans and how often do you test them?

9.      How often do you review your information security management procedures?

10.  Does your Chief Executive or Managing Director know how a security breach will be handled?

If you are not able to provide complete answers to any of these questions then this part of Practitioner.Com will help you to assess your exposure, determine the correct controls to reduce your level of information security risk to an acceptable level and help you to improve your personal or organisational information security management.