* To be completed by the person most knowledgeable about the information technology practices at your organization. RESULTS WILL NOT BE SHARED OUTSIDE OF ACS TECHNOLOGIES GROUP, INC.

* Do you maintain an inventory of all hardware devices connected to your network? (laptops, servers, network switches, routers, wireless access points, IoT devices, etc.)

* Approximately how many hardware devices are connected to your network? (laptops, servers, network switches, routers, wireless access points, IoT devices, etc.)

* Does your organization require users to have a unique login for each account?

* Does your organization require passwords to be at least 16 characters in length?

* Are all devices with access to the organization's systems configured with antivirus and firewall protections?

* Does your organization ensure only authorized devices are given access to your networks (including wireless)?

* Does your organization use a rigorous configuration and change control process to manage the security of laptops, servers, and workstations?

* Does your organization’s website protect all sensitive information transmissions with HTTPS encryption?

* Does your organization have information security policies and procedures in place?

* Are your information security policies and procedures reviewed and updated yearly?

* Has your organization ever been a victim of cybercrime (e.g. ransomware, network breaches, malware, and/or social engineering scams)?

* If your organization has been a victim of cybercrime, please indicate all of the following actions taken after the event:

* Does your organization actively manage all software on the network (including wireless networks) to ensure only authorized software can be installed?

* Does your organization require the use of multifactor authentication for all remote login access to email, VPN, and cloud services?

* Do you patch your operating systems and applications at least quarterly to ensure they are up to date?

* Do you have procedures in place for emergency patching? (Zero-day exploits are already in progress and often require more urgent updating.)

* Are all laptop and mobile devices with access to the organization's systems encrypted OR password protected?

* Do administrators have two separate logins: one for administrative and another for non-administrative functions?

* Does your organization have dedicated IT personnel?

* Does your organization have an incident response plan (“IRP”) and team in place?

* Does your organization require yearly information security training for staff/volunteers with access to systems or data (e.g. how to handle sensitive data, prevent phishing and other social engineering attacks)?

* Does your organization back up critical information?

* Do you conduct background checks on all staff / volunteers at least every 2 years?

* Do you have security cameras monitoring your organization's premises?

* Has your organization ever had an independent third party conduct vulnerability and/or network penetration scanning?

* Please share any comments or recommendations you have concerning this survey.

Disclaimer: This survey seeks to provide you with a better understanding of your organization’s information security posture. This survey touches on industry best practices, but is only a partial information security assessment.