Information Security Risk Assessment Questionnaire


This questionnaire is designed to assist with reviewing and documenting the risk profile of your organization’s information processing activities. It contains ten sections, as per ISO/IEC 27002:2005. The major focus areas include: security policy, asset management, human resources security, physical and environmental security, communication and operational management, business continuity management, and compliance.

Sample questions include: Do an information security policy and a security strategy exist? Describe the lifecycle process of information security policies at your organization. Were appropriate parties involved in the development of policies? How is the security policy communicated?
