Observatory Strategic Management Cyber supplementary app. for LCP ₂

Observatory Strategic Management Cyber supplementary app. for LCP ₂

Developments in US cyber legislation and regulatory enforcement are likely to force changes to corporate cybersecurity risk management and regulatory reporting from 2023. The following questions are formulated with these new standards in mind.
Contact Info
Formal Business Name:
Primary Domain Name:
Primary contact for IT, Cyber, and Insurance matters:

First NameLast Name
Contact's email address
example@example.com
Contact's phone number
Please enter a valid phone number.
Powered by

Governance
Who is designated within your company to sign-off on SEC and DOJ mandated operating procedures?
Who reads and signs off on Statements of Work and accepts EULA agreements for 3rd party IT and OT services?
Do you plan to comply with the standards set out under ISO 27001?

YesNo
Powered by

Passwords and Access
Do you segment your network access, so every system’s password is different and independent from each other? [This implies organizations cannot use Single-Sign-On (password or identity) to access all systems at once.]

YesNo
Do you manage, control and encrypt all employees’ passwords – i.e., employees cannot bring their own keys or know their passwords?

YesNo
Do you use automatically generated long random passwords for every system? [people can’t create passwords; 15 character minimum for high entropy]

YesNo
Do you have an access audit system in place that records every access event?

YesNo
Powered by

Hygiene
Does your firm mandate cyber training for ALL employees, Directors and Officers?

YesNo
Are your employees specifically prohibited from using work email outside of work?

YesNo
Do you have anyone maintain your URL and your Web domain’s DNS?

YesNo
If so, who?
Powered by

Hygiene
If you merged with or acquired a new entity within the past 36 months, did you conduct a supply chain review of their cyber hygene?

YesNo
Who coordinated the transference of incoming data?
Powered by

Insurance
Is your existing insurance program based upon standard applications and policies or were risk mitigation initiatives discussed and considered with a view to enhancing coverage?

YesNo
Powered by
Should be Empty:

Contact Info