Risk Assessment

  • Has a security risk assessment been executed?

  • Have secure area's been defined?

  • Is the risk assessment up-to-date?

  • NASATKA security risk assessments.

Security policies & plans

  • Has a security plan been defined (in line with risk assessment)?

  • Has a security policy been defined?

  • Has a document classification policy been defined?

  • Has clear desk policy been defined?

  • Are security rounds and clear desk checks planned?

  • Is a key management policy in place?

  • Contingency/Disaster recovery plan?

Controls

  • Access control systems in place (keys or card readers) in line with secure areas defined?

  • How is authorization, registration, and review of authorization of keys and badges organized?

  • Safe storage of keys and badges?

  • Access control systems in place (IT systems)?

  • How is authorization and review of authorization of IT systems organized?

  • Is the password of admin user stored safely?

  • Are backups made ?

  • Safe storage of backup media?

  • Results of clear desk rounds documented?

  • Follow up on clear desk rounds?

Generics

  • Notes

  • Open issues

  • Possitives

  • Findings

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. Any ratings or scores displayed in our Public Library have not been verified by SafetyCulture for accuracy. Users of our platform may provide a rating or score that is incorrect or misleading. You should independently determine whether the template is suitable for your circumstances. You can use our Public Library to search based on criteria such as industry and subject matter. Search results are based on their relevance to your search and other criteria. We may feature checklists based on subject matters we think may be of interest to our customers.