Find out your readiness against cyber-attacks or any adversaries, from a people and process point of view, through our free High-level assessment.
Take advantage of our free Ransomware assessment to find out how resilient you are against these types of attacks.
Ransomware Resilience Review - Preliminary (25 Questions)
1. Have information security policies been issued and made available to all employees – including third-party personnel and contractors?
Yes
Partially
No
2. Do you have an ongoing security awareness training program that trains employees on how to detect and avoid social engineering attacks?
Yes
Partially
No
3. Are ID cards issued to all personnel working on-site (i.e. permanent staff, contractors, agency temporary workers and visitors)?
Yes
Partially
No
4. Are new starters (including contractors and third-party personnel) subjected to a criminal history and background check (e.g. police records, references etc.)?
Yes
Partially
No
5. When employees leave, is there a check conducted to ensure they do not have access to sponsored accounts and are not in possession of visitor access cards?
Yes
Partially
No
6. Is there a process in place to restrict access to data centres only to those who have a justified business need for them?
Yes
Partially
No
7. Do you utilise processes or tools to identify network, application and OS-based system vulnerabilities?
Yes
Partially
No
8. Is anti-virus software implemented and updated on all systems (i.e. servers, workstations and laptops)?
Yes
Partially
No
9. Is a list of those users who have Super User/Admin privileges reviewed and revised on a regular basis?
Yes
Partially
No
10. If administrators remotely access routers and/or firewalls, are they authenticated by using one-time passwords or encrypted logon sessions?
Yes
Partially
No
11. Do you require users who access systems remotely to do so through a Virtual Private Network (VPN) or any other secure method?
Yes
Partially
No
12. Are employees prohibited from installing unauthorised, free and/or pirated software on their desktop and laptop computers?
Yes
Partially
No
13. Is there a process in place to proactively obtain and apply the latest security patches and updates?
Yes
Partially
No
14. Are backups of business-critical data conducted regularly (at minimum, on a weekly basis)?
Yes
Partially
No
15. Is there an online mechanism to verify that all backups are complete and successful?
Yes
Partially
No
16. Do you periodically restore information from backup media to ensure integrity of data?
Yes
Partially
No
17. Are backups stored in an encrypted format?
Yes
Partially
No
18. Are regular checks and audits conducted to account for all backup media?
Yes
Partially
No
19. Are users required to change their passwords after initial logon?
Yes
Partially
No
20. Is password cracking software used periodically to identify weak passwords?
Yes
Partially
No
21. Are users instructed to keep their passwords safe through complex passwords and/or password management software?
Yes
Partially
No
22. Are you utilising Multi Factor Authentication (MFA) when accessing your critical accounts?
Yes
Partially
No
23. Do you regularly conduct random employee phishing tests?
Yes
Partially
No
24. Are all user accounts deleted on users’ nominated departure dates?
Yes
Partially
No
25. Do you have a documented security incident response plan or procedure?
Yes
Partially
No