Exposures related to data and cyber-security is one of the largest potential loss drivers of a public entity. Prevention and preparedness are critical for addressing this risk. To assist members, the Cyber-security Self-assessment is a broad checklist that an organization uses internally to assist in identifying data security areas it needs to strengthen.
How to Use the Cyber-security Self-assessment
The assessment asks yes-no questions and provides areas for comments and action items, as well as to whom the action items are assigned. It is key to assign action items to specific individuals or groups and for someone to be responsible for following up with the designees to make sure that corrective actions are implemented.
An organization may want to have administration and IT staff complete the checklist collaboratively.
Use in Combination with Essentials of Data Security for Public Entities
The no-cost MCIT publication Essentials of Data Security for Public Entities offers more in-depth checklists for each of its chapter’s topic that can be used as a second step in an organization’s data security assessment process.