List of Controls

Domain
Question
Language:
Domain Question Language
Business Continuity Do you perform a risk assessment? English
Business Continuity When was the last time you performed a risk assessment? English
Business Continuity What does your risk assessment cover? English
Change Management Is there a process for configuration management? English
Change Management Is there a process for emergency changes? English
Change Management How are you tracking changes? (by item?) English
Change Management Where do you record all changes done? English
Change Management Is there a roll back process if needed? English
Data Management How long do you retain company data? English
Data Management What is the process you follow for data disposal? English
Data Management What is the process you follow to securly disposed infraestructure and the data in them after end of life? English
Data Management Do you receive a certificate of destruction by a third party? English
Data Management What tools do you use for data disposal? English
Development Do you have a secure development life cycle documented? English
Development Are testing environments separate from production environments? English
Development Are security scans perform on your code? English
Development Are security code best practices follow? English
Development What security framework(s) is/are followed to ensure application security English
Encryption Are databases, servers containing company data encrypted? English
Encryption What encryption algorithm is used to encrypt company data? English