Help › All Categories Enterprise Security Assessment > Data and Asset Security > Asset and Information Management

Does the policy for information handling include the following?

book reader icon
1 Minute
12/06/2024
facebook logo gray
linkedin logo gray
mail logo gray
Policy including...
Answer
... encryption requirements?Yes.
... storage requirements including authorized use of Public Cloud storage?No Public Cloud Storage in use.
... electronic transmission security requirements including email, web, and file transfer services?Yes.
... removable media (Thumb Drives, DVDs, Tapes, etc.) requirements?No removable media in use.
Last update 10 months ago

Do you have a set of information security policies or programes in place?

A set of information security policies are in place, covering the areas of Network Security, Change & Incident Management, Passwords, Access and Acceptable Use.

Do you have owners assigned responsible for all information security processes?

Yes. Information security process responsibility ownership lies with management and includes creation and regular external review.

Is Information classified according to legal or regulatory requirements, business value, and sensitivity to unauthorized disclosure or modification?

Yes. Any information handled by QR Planet is classified in accordance with common best praictes, compliance requirements and our internal policies.

Has an owner been assigned to all Information Assets?

Yes. All information asstets have an owner assigned. Management regularly monitors and reviews compliance with any regulatory body or applicable rulesets.

Do you have assigned owners responsible for the review and monitoring of information security incidents or events?

Yes. Information security process responsibility ownership lies with management, as does the constant review and monitoring of information security incidents.