Download Free ISO 27001 Information Security Management Questionnaire Certification as per ISO 27001
The purpose of this ISO 27001 Information Security Management Questionnaire Certification is to collate information within the scope of the project meeting in order to prepare a quotation and assist the certification body in contract review. It forms part of the audit documentation. The statements will be verified during audit stage
ISMS responsibility for the ISMS
- has been fully and separately regulated on all levels (e.g. independent ISMS representative)
- to some extent includes supervisory, cross-site functions (e.g. at operating level)
- is administered at all levels by the persons responsible for the other MS
Download Free Wireless Network Communication Security Policy
The purpose of this policy is to secure and protect the information assets owned by
This policy specifies the conditions that wireless infrastructure devices must satisfy to connect to
Download Free Information Risk Management Templates
The processes outlined in this Best Practice Guide, have been developed in line with the current Australian Standard for Risk Management AS/NZS 4360:1999, HB 143:1999 Guidelines for managing risk in the Australian and New Zealand public sector and the MAB-MIAC Advisory Board - Guidelines for Managing Risk in the Australian Public Service (1996).
The Guide also takes agency requirements in terms of responsibilities for establishing a policy and systems for risk management into consideration, in accordance with the Financial Management Standard (1997) (S 83,84 & 85).
Download Free Vulnerability Assessment and Penetration Testing Plan Templates
Vulnerability Assessment - Utilizing vulnerability scanners all discovered hosts can then be tested for vulnerabilities. The result would then be analyzed to determine if there any vulnerability that could be exploited to gain access to a target host on a network. A number of tests carried out by these scanners are just banner grabbing/ obtaining version information, once these details are known, the version is compared with any common vulnerability and exploits (CVE) that have been released and reported.
Benefits of Vulnerability Assessments
- Build and broaden awareness.
- Establish or evaluate against a baseline.
- Identify vulnerabilities and develop responses.
- Categorize key assets and drive the risk management process.
- Develop and build internal skills and expertise.
Download Free SAS 70 IT Control Objectives Toolkit. This Statement Auditing Standards (SAS) no 70 contain samples of Program Change Control, Access Control and Computer Operation Control Objectives as described below:
Program Change Control
- Ensure that production environment changes are approved by management prior to implementation in accordance with documented policies and procedures.
- Ensure that necessary modifications to the existing production environment are implemented within the timeframes required by documented policies and procedures.
- Ensure that modifications to the production environment are tested prior to implementation and function consistent with documented policies and procedures.