Title Page

  • Site conducted

  • Conducted on

  • Prepared by

  • Location

Xcellink Annual Cybersecurity Health Check

  • Do you have a written cybersecurity policy?

  • Is your cybersecurity policy reviewed and updated at least annually?

  • Do you have a Chief Information Security Officer (CISO) or equivalent?

  • Do you have a staff comprised of at least two full-time equivalent (FTE) employees dedicated to cybersecurity?

  • Do you have a designated incident response team?

  • Do you have a business continuity/disaster recovery plan that includes cybersecurity?

People

  • Are your users aware of cyber security threats?

  • Do users know how o respond to attempted or actual cyber-attacks?

  • Are users restricted to what information and business systems they can access?

Processes

  • Do you have and maintain a list of IT and information assets?

  • Do you allow users to use their own devices?

  • How are risks managed within your organisation?

  • Are your devices regularly updated (patched)?

  • Do you have company-wide policies for IT and cyber security?

Technology

  • Does your company secured connect to the Internet?

  • Are your systems regularly checked for vulnerabilities?

  • Are your systems monitored for threats and potential cyber-attacks?

  • Are your devices protected from viruses and malicious software?

  • Is your data backed up?

Data Protection

  • Do you have Data Protection Policies and privacy Notices?

  • Do you have a register of all your personal data information assets?

  • Do you have a nominated individual responsible for data protection?

  • Do you have a formalised data subject access request process?

Organisation

  • Do you have IT and Cyber Support in place?

  • How many physical users in the office?

  • How many remote/home users?

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.