Annual security audit checklist: Difference between revisions
Jump to navigation
Jump to search
m (added Category:WMUK Security Standards using HotCat) |
m (removed Category:Policies using HotCat) |
||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{IT Security Policy}} | |||
{|class=wikitable | {|class=wikitable | ||
! Task Name !! Description !! Status !! Completed | ! Task Name !! Description !! Status !! Completed | ||
| Line 12: | Line 13: | ||
| Update staff training || Provide update briefing to members of staff on any set-up and policy changes as a result of audit || To do || | | Update staff training || Provide update briefing to members of staff on any set-up and policy changes as a result of audit || To do || | ||
|- | |- | ||
| Cardholder data policy || Review policy | | Cardholder data policy || Review policy and seek to agree amendments to reflect current circumstances || Due Sept 2013 || | ||
|- | |- | ||
| Data breach policy || Review policy | | Data breach policy || Review policy and seek to agree amendments to reflect current circumstances || Due Sept 2013 || | ||
|- | |- | ||
| IT Security policy || Review policy | | IT Security policy || Review policy and seek to agree amendments to reflect current circumstances || Due Sept 2013 || | ||
|- | |- | ||
| Donor Privacy Policy || Review policy | | Donor Privacy Policy || Review policy and seek to agree amendments to reflect current circumstances || Due Sept 2013 || | ||
|} | |} | ||
[[Category:WMUK Security Standards]] | [[Category:WMUK Security Standards]] | ||
Latest revision as of 18:25, 17 February 2014
|
This policy was adopted by the Board on 9 February 2013. It is part of a series of IT Security Policy. |
| Task Name | Description | Status | Completed |
|---|---|---|---|
| Payment Providers PCI Compliance | Upload most recent certifications of providers to relevant page on UK Wiki | Due Sept 2013 | - |
| Security Audit | Conduct a security audit - check staff and volunteers complying with procedures | To do | |
| Archive 'Fundraising@' email | Check emails deleted and folders compacted on a quarterly basis | Due Sept 2013 | |
| Legal briefing to staff | Provide update briefing to members of staff on changes to the law and implications | To do | |
| Update staff training | Provide update briefing to members of staff on any set-up and policy changes as a result of audit | To do | |
| Cardholder data policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 | |
| Data breach policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 | |
| IT Security policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 | |
| Donor Privacy Policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 |