Information Security Technology Evaluation Template

ComponentScore (0–2)Comments
Strategy

  • Comprehensive information security architecture

  

  • Computing environment segmented into security zones

  

  • Security layered at gateway, server, and client

  

  • Security roadmap includes both strategic and tactical objectives

  

  • Strategy supports current models for conducting business

  
Components

  • AAA

  

  • Anti-virus

  

  • Firewalls

  

  • Vulnerability management

  

  • Intrusion detection

  
Administration

  • Regular scanning and remediation program

  

  • Quarterly penetration testing

  

  • Annual independent audit of security program

  

  • Regular update of anti-virus definitions

  

  • Change management

  

  • Reporting on security incidents and initiatives to executive management and board of directors

  
Total Score (0–32) ...

Get Executive Guide to Information Security, The: Threats, Challenges, and Solutions now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial