The Level 0 assessment allows a company to use NetDiligence’s QuietAudit® online tool to evaluate its own security controls and privacy measures—a thorough, efficient way to prepare for regulator reviews or to perform general risk management housekeeping.
QuietAudit® produces an online summary scorecard based on the answers to about 100 simple questions. Clients typically take about two hours to complete the questions, which focus on the ISO 27002 cyber security best practices standards associated with these fourteen categories:
Current events (e.g. new regulations and laws, recent exploits and viruses, etc.)
Security policy
Security organization
Asset classification and control
Personnel security
Physical and environmental security
Computer and network management
System access controls
System development and maintenance
Business continuity planning
Security compliance
Internet liability (website content intellectual property infringement)
Privacy and regulatory compliance
Optional Assessment categories can be ‘bolted-on’, including:
GLBA 501(b) compliance
HIPAA
Records Management (RIM)
and more...
The Level 0 executive level summary report reveals a network’s strengths and vulnerabilities in a format suitable for presenting to senior management or a board of directors. It’s an efficient approach to validating best practices and establishing the baseline level of due-care network security and privacy measures.