Advancement through Cyber Resilience

The roles and respon

Button

Inventory and Control of Software Assets

2

Continuous Vulnerability Management

3

Controlled Use of Administrative Privileges

4

Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers

5

Maintenance, Monitoring and Analysis of Audit Logs

6 3. Continuous Vulnerability Management

4. Controlled Use of Administrative Privileges

Inventory and Control of Hardware Assets

BASIC

Inventory and Control of Hardware Assets

1 Effectiveness: Non-Existent

Inventory and Control of Software Assets

2 Effectiveness: Non-Existent

Continuous Vulnerability Management

3 Effectiveness: Non-Existent

Controlled Use of Administrative Privileges

4 Effectiveness: Non-Existent

Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers

5 Effectiveness: Non-Existent

Maintenance, Monitoring and Analysis of Audit Logs

6 Effectiveness: Non-Existent

FOUNDATIONAL

Email and Web Browser Protections

7 Effectiveness: Non-Existent

Malware Defenses

8 Effectiveness: Non-Existent

Limitation and Control of Network ports, Protocols and Services

9 Effectiveness: Non-Existent

Data Recovery Capabilities

10 Effectiveness: Non-Existent

Secure Configuration for Network Devices, such as Firewalls, Routers and Switches

11 Effectiveness: Non-Existent

Boundary Defense

12 Effectiveness: Non-Existent

Data Protection

13 Effectiveness: Non-Existent

Controlled Access based on the Need to Know

14 Effectiveness: Non-Existent

Wireless Access Control

15 Effectiveness: Non-Existent

Account Monitoring and Control

16 Effectiveness: Non-Existent

ORGANISATIONAL

Implement a Security Awareness and Training Program

17 Effectiveness: Non-Existent

Application Software Security

18 Effectiveness: Non-Existent

Incident Response and Management

19 Effectiveness: Non-Existent

Penetration Testing and Red Team Exercises

20 Effectiveness: Non-Existent

12. Boundary Defence

13. Data Protection

14. Controlled Access Based on the Need to Know

15. Wireless Access Control

5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers

17. Implement a Security Awareness and Training Program

7. Email and Web Browser Protections

16. Account Monitoring and Control

6. Maintenance, Monitoring and Analysis of Audit Logs

18. Application Software Security

19. Incident Response and Management

20. Penetration Tests and Red Team Exercises

8. Malware Defences

9. Limitation and Control of Network Ports, Protocols and Services

10. Data Recovery Capabilities

Notifications

Control Name

Domain

Evidenes

Recommendation

11. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches

Assignments

Control Name

Domain

Evidenes

Recommendation

Control Name

Domain

Evidenes

Recommendation

Major non-conf

Heading 5

Please check here to indicate you have read and agree to Secure Forte Terms of Use Agreement.

Please agree to above T&Cs first before you proceed!