Do you have a formal information security management system in place?
Yes
6
33.33%
No
12
66.67%
Is there senior leadership sponsorship for security initiatives?
Yes
5
41.67%
No
7
58.33%
Do you store or process any Personally Identified Information?
Yes
4
100.00%
No
0
0.00%
Are any of your applications or systems hosted in cloud infrastructure?
Yes
4
100.00%
No
0
0.00%
Do you have a information security Policy in place?
Yes
1
25.00%
No
3
75.00%
Do you have security council established that makes security related decisions?
Yes
1
25.00%
No
3
75.00%
Do you have Cyber incident policy in place?
Yes
1
25.00%
No
3
75.00%
Do you have data protection policy established and operationalized?
Yes
1
25.00%
No
3
75.00%
Do you have formal patch management process established?
Yes
1
25.00%
No
3
75.00%
Do you conduct regular security penetration testing?
Yes
0
0.00%
No
3
100.00%
Do you conduct vulnerability assessment on a regular basis?
Yes
0
0.00%
No
3
100.00%
Do you have a Security Information and Event Management system?
Yes
0
0.00%
No
2
100.00%
Do you have Host Intrusion Detection systems installed on all servers and devices?
Yes
1
50.00%
No
1
50.00%
Do you have a firewall in place?
Yes
1
50.00%
No
1
50.00%
Do you have Host Prevention Detection systems installed on all servers and devices?
Yes
0
0.00%
No
2
100.00%
Do you have Data loss prevention in place?
Yes
0
0.00%
No
2
100.00%
Total Score: 0