...
Department | Area | Recurrence | Next Date | Status* | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Accounting | Logical Access | Quarterly | 11 November 2017 | Planned | ||||||
HR system | Logical Access | Quarterly | Datacenter | Physical Access | 2/year | Quality Management | Risk register | Quarterly | ||
Quality management | Risk acceptance (system owner/senior management) | 2/year | ||||||||
Quality management | Security management system | Annual | ||||||||
Risk assessment | All new designs | |||||||||
1.3 Awareness and Security training
Department/role | Training/Awareness | Recurrence | Date | Status |
---|---|---|---|---|
All | How to detect phishing | 2/year | 4 October 2017 | Completed |
All | Newsletter/blog on actual events | Monthly | ||
All or targeted groups | Phishing test | Bi-monthly | ||
New employees | Initial security training/onboarding | Monthly | ||
Existing employees | Skill upgrade | Annual | ||
Quality management | Review training material | Annual |
1.4 Internal Audit
Department |
---|
Area | Recurrence | Next Date | Status |
---|
* | ||||
---|---|---|---|---|
Accounting | Logical Access | Quarterly | 11 November 2017 | Planned |
HR system | Logical Access | Quarterly | ||
Datacenter | Physical Access | 2/year |
1.5 Reporting
Type | Reccurence | Due date for report | Due date for management review | Status |
---|---|---|---|---|
Annual report | Annual | 30th november 2017 | 14th december 2017 | In progress |
Board report | Quarterly | 14 days before board meeting | Feb 20th 2018 | Planned |
Board presentation | Quarterly | 14 days before board meeting | Feb 20th 2018 | Planned |
Top risks | Monthly | March 1st 2018 | March 5th 2018 | In progresss |
...