Information Security Risk Assessment Questionnaire

Subscriber Content
Screenshot of the first page of Information Security Risk Assessment Questionnaire

Organizations can use this IT risk assessment questionnaire to review and document the risk profile of their information processing activities.

Sample questions include: Has a forum been established to oversee and represent information security? If so, describe its governance/meeting schedule/structure. Has a process been established to coordinate the implementation of information security measures? If so, describe the process. Are security awareness programs in place? If so, describe the programs. (They should ensure that employees understand ethical and unethical uses of information and technology.) Are responsibilities for the accomplishment of information security requirements clearly defined? If so, how are these responsibilities assigned?


Topics
Risk Assessment
IT Infrastructure
Segregation of Duties
Governance Risk & Compliance
IT Security
Fixed Assets

Related Resources

Policies & Procedures

Information Security Development Policy

Audit Reports

ISO 27001 Information Security Assessment Report

Audit Reports

IT Risks and Controls Review Report

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It