Information Security Survey

How sound are your application security efforts?

Application security has two major considerations. The first consideration is what users can do without proper authorization. This concern typically centers on web-based applications. The second consideration is appropriate permissions within a given system, with user access and segregation of duties being primary concerns. Application security also encompasses the use of software, hardware and procedures to protect applications from external threats.

Take the following survey to assess your organization’s current access control efforts:

  1. Application security assessments are conducted regularly. Yes No Somewhat
  2. Our organization understands what should be addressed in an application security assessment. Yes No Somewhat
  3. Application security concerns not addressed by SOX or PCI assessments have been identified. Yes No Somewhat
  4. Our organization knows which applications should be subject to security assessments. Yes No Somewhat
  5. Effective software security assessment tools are used. Yes No Somewhat
  6. Manual application penetration tests are used when needed. Yes No Somewhat
  7. System event logs are reviewed regularly to identify attempted security violations. Yes No Somewhat