Читать книгу Information Technology Security Risk Assessment A Complete Guide - 2020 Edition - Gerardus Blokdyk - Страница 7
ОглавлениеCRITERION #1: RECOGNIZE
INTENT: Be aware of the need for change. Recognize that there is an unfavorable variation, problem or symptom.
In my belief, the answer to this question is clearly defined:
5 Strongly Agree
4 Agree
3 Neutral
2 Disagree
1 Strongly Disagree
1. What extra resources will you need?
<--- Score
2. Is it needed?
<--- Score
3. What are the Information technology security risk assessment resources needed?
<--- Score
4. Did you miss any major Information technology security risk assessment issues?
<--- Score
5. Why the need?
<--- Score
6. How do you recognize an Information technology security risk assessment objection?
<--- Score
7. What resources or support might you need?
<--- Score
8. How are training requirements identified?
<--- Score
9. What is the Information technology security risk assessment problem definition? What do you need to resolve?
<--- Score
10. Think about the people you identified for your Information technology security risk assessment project and the project responsibilities you would assign to them, what kind of training do you think they would need to perform these responsibilities effectively?
<--- Score
11. What activities does the governance board need to consider?
<--- Score
12. Which information does the Information technology security risk assessment business case need to include?
<--- Score
13. What Information technology security risk assessment coordination do you need?
<--- Score
14. What should be considered when identifying available resources, constraints, and deadlines?
<--- Score
15. Have you identified your Information technology security risk assessment key performance indicators?
<--- Score
16. What are the timeframes required to resolve each of the issues/problems?
<--- Score
17. What creative shifts do you need to take?
<--- Score
18. Do you know what you need to know about Information technology security risk assessment?
<--- Score
19. To what extent would your organization benefit from being recognized as a award recipient?
<--- Score
20. Who else hopes to benefit from it?
<--- Score
21. To what extent does each concerned units management team recognize Information technology security risk assessment as an effective investment?
<--- Score
22. Are there recognized Information technology security risk assessment problems?
<--- Score
23. What tools and technologies are needed for a custom Information technology security risk assessment project?
<--- Score
24. What needs to be done?
<--- Score
25. Are employees recognized for desired behaviors?
<--- Score
26. Who needs to know?
<--- Score
27. Are problem definition and motivation clearly presented?
<--- Score
28. What do you need to start doing?
<--- Score
29. What would happen if Information technology security risk assessment weren’t done?
<--- Score
30. Is the quality assurance team identified?
<--- Score
31. Are there Information technology security risk assessment problems defined?
<--- Score
32. What training and capacity building actions are needed to implement proposed reforms?
<--- Score
33. What problems are you facing and how do you consider Information technology security risk assessment will circumvent those obstacles?
<--- Score
34. Are losses recognized in a timely manner?
<--- Score
35. Who are your key stakeholders who need to sign off?
<--- Score
36. For your Information technology security risk assessment project, identify and describe the business environment, is there more than one layer to the business environment?
<--- Score
37. When a Information technology security risk assessment manager recognizes a problem, what options are available?
<--- Score
38. What do employees need in the short term?
<--- Score
39. As a sponsor, customer or management, how important is it to meet goals, objectives?
<--- Score
40. What information do users need?
<--- Score
41. How can auditing be a preventative security measure?
<--- Score
42. Who needs to know about Information technology security risk assessment?
<--- Score
43. How do you assess your Information technology security risk assessment workforce capability and capacity needs, including skills, competencies, and staffing levels?
<--- Score
44. What are the expected benefits of Information technology security risk assessment to the stakeholder?
<--- Score
45. Are you dealing with any of the same issues today as yesterday? What can you do about this?
<--- Score
46. Where is training needed?
<--- Score
47. How do you identify subcontractor relationships?
<--- Score
48. Where do you need to exercise leadership?
<--- Score
49. What are your needs in relation to Information technology security risk assessment skills, labor, equipment, and markets?
<--- Score
50. What situation(s) led to this Information technology security risk assessment Self Assessment?
<--- Score
51. What is the problem or issue?
<--- Score
52. What does Information technology security risk assessment success mean to the stakeholders?
<--- Score
53. What are the minority interests and what amount of minority interests can be recognized?
<--- Score
54. Who needs what information?
<--- Score
55. Does the problem have ethical dimensions?
<--- Score
56. What are the stakeholder objectives to be achieved with Information technology security risk assessment?
<--- Score
57. Whom do you really need or want to serve?
<--- Score
58. Will Information technology security risk assessment deliverables need to be tested and, if so, by whom?
<--- Score
59. How are you going to measure success?
<--- Score
60. Do you need to avoid or amend any Information technology security risk assessment activities?
<--- Score
61. Do you need different information or graphics?
<--- Score
62. Which needs are not included or involved?
<--- Score
63. Would you recognize a threat from the inside?
<--- Score
64. Are your goals realistic? Do you need to redefine your problem? Perhaps the problem has changed or maybe you have reached your goal and need to set a new one?
<--- Score
65. What is the smallest subset of the problem you can usefully solve?
<--- Score
66. How do you recognize an objection?
<--- Score
67. What Information technology security risk assessment problem should be solved?
<--- Score
68. What is the problem and/or vulnerability?
<--- Score
69. What needs to stay?
<--- Score
70. How does it fit into your organizational needs and tasks?
<--- Score
71. What prevents you from making the changes you know will make you a more effective Information technology security risk assessment leader?
<--- Score
72. Are there any revenue recognition issues?
<--- Score
73. Does Information technology security risk assessment create potential expectations in other areas that need to be recognized and considered?
<--- Score
74. What are the clients issues and concerns?
<--- Score
75. How are the Information technology security risk assessment’s objectives aligned to the group’s overall stakeholder strategy?
<--- Score
76. Will it solve real problems?
<--- Score
77. Are there regulatory / compliance issues?
<--- Score
78. Can management personnel recognize the monetary benefit of Information technology security risk assessment?
<--- Score
79. What Information technology security risk assessment capabilities do you need?
<--- Score
80. Will a response program recognize when a crisis occurs and provide some level of response?
<--- Score
81. Who should resolve the Information technology security risk assessment issues?
<--- Score
82. Do you recognize Information technology security risk assessment achievements?
<--- Score
83. Does your organization need more Information technology security risk assessment education?
<--- Score
84. How do you take a forward-looking perspective in identifying Information technology security risk assessment research related to market response and models?
<--- Score
85. Is the need for organizational change recognized?
<--- Score
86. What else needs to be measured?
<--- Score
87. How much are sponsors, customers, partners, stakeholders involved in Information technology security risk assessment? In other words, what are the risks, if Information technology security risk assessment does not deliver successfully?
<--- Score
88. What Information technology security risk assessment events should you attend?
<--- Score
89. Which issues are too important to ignore?
<--- Score
90. What is the recognized need?
<--- Score
91. How do you identify the kinds of information that you will need?
<--- Score
92. Are there any specific expectations or concerns about the Information technology security risk assessment team, Information technology security risk assessment itself?
<--- Score
93. Do you have/need 24-hour access to key personnel?
<--- Score
94. How many trainings, in total, are needed?
<--- Score
95. Consider your own Information technology security risk assessment project, what types of organizational problems do you think might be causing or affecting your problem, based on the work done so far?
<--- Score
96. What vendors make products that address the Information technology security risk assessment needs?
<--- Score
97. Will new equipment/products be required to facilitate Information technology security risk assessment delivery, for example is new software needed?
<--- Score
98. What is the extent or complexity of the Information technology security risk assessment problem?
<--- Score
99. Looking at each person individually – does every one have the qualities which are needed to work in this group?
<--- Score
100. Is it clear when you think of the day ahead of you what activities and tasks you need to complete?
<--- Score
101. Who defines the rules in relation to any given issue?
<--- Score
Add up total points for this section: _____ = Total points for this section
Divided by: ______ (number of statements answered) = ______ Average score for this section
Transfer your score to the Information technology security risk assessment Index at the beginning of the Self-Assessment.
