Security Audit - Coggle Diagram
Security Audit
Hardware
Firmware versions
How often is the firmware checked/updated?
Server
Encrypted?
How often is it updated?
Access rights and passwords
How often are these checked/reviewed?
Asset register
How often is this checked/updated?
What information is recorded? Is it enough?
Protection
Antivirus?
Anti-malware?
Anti-ransomware?
How often is this checked?
How often is it updated?
What if there is a problem?
External and internal attacks
Active monitoring and reaction to threats?
Automatic scanning and remediation
Wireless
Access control
How often is password changed?
How often is this checked?
Guest networks
Monitoring system
Update/change frequency
Admin accounts
Are there adequate controls in place?
Is 2FA set up where it can be?
Password policy
Password length
Change frequency
Default passwords changed?
Complexity policy
List of who has this access?
Software
Cloud
How do users access?
How are users added and removed?
Is access checked on a regular basis?
What is the password policy?
How secure is the provider?
Do we have GDPR/DPIA in place?
What browser is best to access this platform?
How are data breaches handled?
What is their notification period of a data breach?
What data control is in place?
How is the data recovered if it is lost?
Who is told if data is breached?
Local
Where is the data held?
Is the data secure/encrypted?
Email
How are email threats monitored?
Are email threats detected?
Can staff recognise threats?
Training
School staff
How often are staff trained on security?
IT
How often are IT trained?
Can IT train school staff?
Accounts
Any generic accounts such as teacher/teacher?