Summary
This document is a checklist focused on cyber security inspections within an organization. It outlines various inspection categories, including People, Physical Security, Account and Password Management, Confidentiality of Sensitive Data, Disaster Recovery, Security Awareness, and Compliance. Each category contains specific questions regarding current practices and policies, with flagged items indicating areas that require attention. For instance, the checklist notes that a current picture is not part of the ID badge, and there are no procedures to prevent computers from being left in a logged-on state. Additionally, it highlights the absence of a procedure for notifying authorities in the case of a disaster or security incident. The checklist concludes with overall recommendations, such as replacing ID badges with employee photos, reviewing security and disaster policies, and conducting employee training on cyber security policies. The document serves as a tool for assessing and improving an organization's cyber security measures.
