Security Roles and Responsibilities Assessment Checklist

Download Free Security Roles and Responsibilities Assessment Checklist

- Are security roles and responsibilities clearly defined?
- Has someone been assigned to audit the firewall on a regular basis?
- Has someone been assigned to upgrade the firewall when necessary?
- Do all managers understand both their own security roles and responsibilities and those of the people who report to them?
- Do support personnel have specific preventive procedures to follow? (Make sure they're not just running in react mode.)
- Is someone assigned to regularly conduct firewall penetration tests from the Internet? (A new test is required after each major change or upgrade to the firewall.)
- Is firewall administration adequately funded?
- Are firewall upgrades and routine maintenance adequately funded?
- Is intrusion-detection software installed on networks and systems?
- Is auditing software installed on mission-critical systems?
- Are emergency response roles and responsibilities clearly—and formally—defined?
- Are lessons learned from break-ins shared and used to build better processes? (Don't tolerate information hoarders on your staff!)
- Is virus protection installed at every entry point?