IronSphere Survey
How do you STATUS AUDIT your legacy infrastructure? | ||
---|---|---|
A 3rd party product. | ||
The system produced reports. | ||
3rd party annual assessment. | ||
We do not perform Status Audit. |
How frequently do you STATUS AUDIT your legacy? | ||
---|---|---|
Every day | ||
Once a week | ||
Once a month | ||
Once a year |
Does this frequency align with the applied laws and regulations? | ||
---|---|---|
Yes, our business performs in a regulated market. | ||
Yes, our business does not perform in a regulated market. | ||
No, but our business performs in a regulated market. | ||
No. we are not performing in a regulated market. |
If a 3rd party tool is used, which one is it? | ||
---|---|---|
IBM zSecure | ||
Vanguard | ||
CA Auditor | ||
Other |
What are the monthly hours invested in STATUS AUDIT? | ||
---|---|---|
1-10 hours | ||
11-30 hours | ||
31-60 hours | ||
More than 60 hours. |
How readable are the reports you use? | ||
---|---|---|
Contains just what I need to identify the risk | ||
Too much information, need to separate the wheat from the chaff | ||
if no finding, still need to read the report |
Do you enforce security framework? | ||
---|---|---|
Yes, we use NIST SP 800 | ||
Yes, we use ISO 27000 | ||
Yes, CIS benchmarks |
your organization sector | ||
---|---|---|
Finance | ||
Manufacturing | ||
Government and public sector | ||
other |
Have you heard of ISCM concept (Information Security contiguous Monitoring)? | ||
---|---|---|
No | ||
Yes, but not used it | ||
Yes, we use it. |