Information Technology (IT) Controls
-
Does the parish/school have a Password Policy in place? Yes or No If “No”, go to Question #3.
-
Are Password Length & Strength requirements included in the policy? Yes or No
-
Do Passwords expire and require re-setting after a minimum of 60 days? Yes or No
-
Do software applications containing confidential information require a separate user based password? Yes or No
-
Is a user based password required to access each parish/school computer? Yes or No
-
To confirm a “Yes” response:
-
Lock the screen by CTRL-ALT-DEL, Lock Screen. Confirm a password is required to unlock the screen. “Yes” response confirmed? Yes or No
-
Does each parish/school computer have password protected hibernation enabled? Yes or No
-
To confirm a Yes response:
-
Control Panel – Power – Hibernate: Minimum of 15 minutes before Hibernation.
-
Password required to re-activate. “Yes” response confirmed? Yes or No
-
Is there a wireless network operating within your parish/school property? Yes or No If “No”, go to Question #4.
-
Is the wireless connection WEP (Wired Equivalent Privacy) secured? Yes or No Or
-
Is the wireless connection WPA (Wifi Protected Access) secured? Yes or No
-
Are there wireless access boundaries installed? Yes or No
-
Is the wireless access password protected? Yes or No
-
To confirm a Yes response: Try to connect a wireless device without entering a password.
“Yes” response confirmed? Yes or No
-
For your parish/school email domain, is there an email filter system in place that monitors for viruses, spam, etc.? Yes or No If “No”, go to Question #5.
-
If yes, What is the name of the program?____________________________________________________
-
If yes, is there an expiration date for this program? Yes or No If Yes, when?_______________________
-
Confirm by reviewing an actual “Held Mail Report” from the service provider.
“Yes” response confirmed? Yes or No
-
Are the parish/school computers on a Network? Yes or No If “No”, go to Question #6.
-
Is the network secured by a firewall? Yes or No
-
If yes, what is the name of the firewall? ______________________________________________
-
If yes, is there a maintenance expiration date on the firewall? Yes or No If Yes, Date:_________
-
Is the network protected by an antivirus program? Yes or No
-
If yes, what is the name of the antivirus program?_____________________________________
-
If yes, is there a maintenance expiration date on the antivirus program? Yes or No If Yes, Date: ____________________
-
What operating system is in place for the network servers? (I.E. Microsoft Windows Server 2008)
_______________________________________________________________________________
_______________________________________________________________________________
-
Is there a software update patch maintenance routine established for the server(s)? Yes or No
-
If Yes, what is that schedule?:________________________________________________
-
Are any of the parish/school computers stand-alone only? (I.E. Not connected to each other or to a server.)
Yes or No If “No”, go to Question #7.
-
Are all computers secured by a firewall program? (Control Panel – Windows Firewall Settings – On)
Yes or No
-
If Yes, what is the name of the firewall?____________________________________________
-
If yes, is there a maintenance expiration date on the firewall? Yes or No
If Yes, Date:_________
-
Are all computers protected by an antivirus program? (Start – All Programs – Find the Antivirus Application Installed) Yes or No
-
If yes, what is the name of the antivirus program? ____________________________________
-
If yes, is there a maintenance expiration date on the antivirus program? Yes or No
If Yes, Date: __________________
-
Are all computers protected by an anti-spyware/anti-malware program? ( Start – All Programs – Find the Anti-spyware/Anti-malware program) Yes or No
-
If yes, what is the name of the anti-spyware/anti-malware program? __________________
-
If yes, is there a maintenance expiration date on the anti-spyware/anti-malware program?
Yes or No If Yes, Date:________________________________________________________
-
What operating system(s) are in use on the stand alone computer(s)? (I.E. Microsoft Windows XP).
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
-
Is there a software update patch maintenance routine established for each computer? Yes or No
-
If yes, what is that schedule? _________________________________________________
-
Are Mobile Devices utilized for parish/school business? (Mobile Devices = laptops, tablets, cell phones, USB storage devices) Yes or No If “No”, go to Question #7.
-
Are any mobile devices allowed to connect to the Parish/School’s network either through VPN or email? Yes or No If “No”, go to Question #7 (If webmail is utilized, where the user needs to log into their email every time it is accessed, that is acceptable)
-
Are the devices encrypted? Yes or No
-
Are the devices password protected? Yes or No
-
Is there a Mobile Device Use Policy in place? Yes or No
-
Does the parish/school employ I.T. staff? Yes or No
-
Does the parish/school utilize the services of a technology consulting firm? Yes or No
-
Is there responsibility for active management of the network/computer maintenance and security? Yes or No
___________________________________________________
Printed name of person filling out IT Questionnaire
___________________________________________________ _____________________________
Signature of person filling out IT Questionnaire Date
Share with your friends: |
