Are endpoints and servers protected via anti-virus, anomaly detection, and forensics capabilities?
Do you have a documented security incident response plan which is tested annually?
Do you merge data sources (e.g., app logs, firewall logs, IDS logs, physical access logs, etc.) for granular analysis and alerting?
Does a formal reporting procedure or guideline exist for users to report security weaknesses in, or threats to, systems or services?
Do your incident response procedures require notification to the customer within 24 hours in case of a suspected data breach?
Does your organization monitor event logs for activity performed by privileged users?