Incident Security Questionnaire

1. What is the value of your computer infrastructure in the following categories?

A. Revenue generated on a daily and hourly rate.
B. Cost of operation on a daily and hourly rate.
C. Cost of replacement of equipment and software in totality.
D. Cost of confidency exposure to clients.
E. Cost of business interruption insurance.

2. According to the answer to question #1, what is your budgeted expenditure on incident response. Include salaries, equipment, storage units, legal fees, contracts, and software. Make it a percentage of you overall computer infrastructure value. Break it down into a daily and hourly percentage figure.

3. Do you have a security policy that has been reviewed within the last quarter, or incident, which ever was most recent?

4. Do you have an incident policy and when was it last tested by a scenario?

5. Who is your incident response team leader or contact?

6. What is the level of training for your response team and its leader? By year training, quarter training, etc.

7. Does everyone in your organization know who to call, or what to do, if an incident occurs?

8. What are your equipment resources specific for incident response?

9. What are your points of contact for incident response outside your organization?

10. Who do you want to know when an incident occurs?

11. Is incident response part of your complete disaster recovery plan?

12. If law enforcement becomes involved how will you provide evidence and keep your systems running?

13. Who determines the incident is over, and how do they make that decision?

14. Do you know the current statistics and threat level to your specific equipment and software from a global perspective?