- Do you need to provide information security assurance to your clients and other stakeholders?
- Would you suffer financial or reputational loss in case of an information security incident?
- Are you subject to regulations relevant to information security?
- Are you able to prioritize your information security investments?
- Are you prepared to respond to information security attacks?
- Would you suffer financial or reputational loss in case your systems compromised?
- Are you subject to regulations for vulnerability management?
- Are you able to manage your threat surface and keep track of the new vulnerabilities?
- Can you monitor attacks against your systems and human resources?
- Are you prepared to respond to hacker attacks?
