1.2) Is your Company-wide Computers, Network and Information Security policy been approved by the Board of Directors (industry regulation such as GLBA) and/or by executive management? *
1. Approved standards
2. Guidelines and procedures *
2.1) Is there a documentation describing the following:
Report (A-B) Publish the Documents ( C - D)
A. Inventory of assets
B. Identifies the owner and prioritizes information classification program
C. Corporate Intranet
D. Employee handbook *