Audit Templates (Standalone)

 View Only

Cybersecurity Governance 

04-23-2024 06:37 PM

Identification of Risks/Cybersecurity Governance

For each of the following practices employed by the Firm for management of information security assets, please provide the month and year in which the noted action was last taken; the frequency with which such practices are conducted; the group with responsibility for conducting the practice; and, if not conducted firm wide, the areas that are included within the practice. Please also provide a copy of any relevant policies and procedures.

  • Physical devices and systems within the Firm are inventoried.
  • Software platforms and applications within the Firm are inventoried.
  • Maps of network resources, connections, and data flows (including locations where customer data is housed) are created or updated.
  • Connections to the Firm’s network from external sources are catalogued.
  • Resources (hardware, data, and software) are prioritized for protection based on their sensitivity and business value.
  • Logging capabilities and practices are assessed for adequacy, appropriate retention, and secure maintenance.

For the rest of the procedures login and download the template.

0 Favorited
1 Files
xlsx file
CyberSecurity_Governance (1).xlsx   71 KB   1 version
Uploaded - 04-23-2024

Related Entries and Links

No Related Resource entered.