Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

01) Does your organisation conduct an annual independent information security review and act upon the findings?

August 30, 2022
Security Governance
Independent Security Review

Answer yes if your organisation engages a third party to conduct an annual information security review, the findings are assessed by your organisation and acted upon if necessary. If yes, please add the date of your last review to the notes.

An annual security review conducted by an external and independent third party helps to ensure that your implemented security controls are effective in mitigating you company’s security risks.

The length and depth of a security review will typically be scoped out by the independent third party and will help you to understand any gaps in your security and risk management controls.

How to implement the control

Most information security consulting firms will offer an information security review that will look at the security risks your company is exposed to and map them to implemented security controls, highlighting any gaps.

If you would like to contribute to this article or provide feedback, please email knowledge@riskledger.com. Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.