Help › All Categories Enterprise Security Assessment > Human and Organizational Policies > Security Policy

Have all your policies been assigned to an owner responsible for periodic review and approval?

Is this done at least annually?

book reader icon
1 Minute
12/06/2024
facebook logo gray
linkedin logo gray
mail logo gray
Yes. All Policies have defined owners (Management and appropriate consultants) and are reviewed at least annually.
Last update 10 months ago

Do you have a set of information security policies or programes in place?

A set of information security policies are in place, covering the areas of Network Security, Change & Incident Management, Passwords, Access and Acceptable Use.

Did you establish an Incident Management Policy?

Yes. QR Planet's incident management program has been approved by management and was communicated to all appropriate constituents. An owner has been assigned.

Do you have a Privacy Policy regulating the protection of information handled on behalf of clients?

The protection of all information collected, transmitted, processed, disclosed, or maintained by QR Planet on behalf of clients is ensured.

Do you mandate a maximum interval between the availability of a new anti-malware signature update and its deployment?

Yes. The policy-mandated interval between an anti-malware signature update and its deplyment may not exceed 24 hours within QR Planet's environment and network.