Identity & Access Management
- Multi-factor authentication (MFA) enforced for all privileged accounts
- MFA enforced for all remote access and VPN connections
- Privileged access management (PAM) solution in place for admin accounts
- Role-based access control (RBAC) implemented across all critical systems
- Access reviews conducted at least quarterly for privileged accounts
- Joiners, movers, and leavers process ensures timely access revocation
- Service accounts inventoried and managed with regular password rotation
- Single sign-on (SSO) implemented for key applications
Network Security
- Network segmentation implemented — production systems isolated from development
- Next-generation firewall deployed and rules reviewed quarterly
- Intrusion detection and prevention system (IDS/IPS) active
- Web application firewall (WAF) protecting customer-facing applications
- DDoS protection in place for internet-facing services
- All remote access via VPN or zero-trust network access (ZTNA)
- Network traffic monitored for anomalies with automated alerting
- Wireless networks segmented and secured with WPA3 or equivalent
Endpoint Security
- Endpoint detection and response (EDR) deployed on all endpoints
- Patch management programme ensures critical patches applied within 72 hours
- Full disk encryption enabled on all laptops and mobile devices
- Mobile device management (MDM) solution managing all corporate mobile devices
- USB and removable media controls enforced on all endpoints
- Application whitelisting or control implemented on critical servers
- Vulnerability scanning conducted at least monthly on all endpoints
Data Protection
- Data classification policy implemented and enforced
- Data loss prevention (DLP) tools monitoring sensitive data flows
- All sensitive data encrypted at rest and in transit
- Database activity monitoring in place for critical databases
- Backup and recovery tested at least quarterly
- Cloud data security controls reviewed and configured
- Third-party data sharing agreements reviewed and updated
Threat Detection & Response
- Security information and event management (SIEM) system operational
- Security operations centre (SOC) — internal or outsourced — operational 24/7
- Incident response plan documented, approved, and tested
- Cyber incident response retainer in place with an external firm
- Threat intelligence feeds integrated into detection tooling
- Tabletop exercises conducted at least annually
- Mean time to detect (MTTD) and mean time to respond (MTTR) metrics tracked
Third-Party & Supply Chain Security
- Third-party security assessment process in place for all critical vendors
- Security requirements included in all vendor contracts
- Continuous monitoring of critical vendor security posture
- Software supply chain risk assessed — open source and commercial components
- Cloud provider security configuration reviewed against CIS benchmarks