On this page we gathered for you some questions referring to the IT-security. If
you answer more than 3 questions with "I donīt know" or with "No", your company
should think about its IT-security strategies...
Does exist an IT-security strategy in your company, which is also supported
by the management?
Is there somebody who is responsible for the IT-security in your company?
Do you know a list of different IT-uses in your company?
Do you know a list of possible dangers and threats of your IT-uses in your
Does exist a risk analysis for the endangered IT-uses in your company?
Do you know who is responsible for damages, e.g. loss or unauthorized copy
of data caused by attacks from in- or outside?
Do you know what kind of damages could arise in your company?
Do you know if there were taken any kind of measures against such threats?
Does exist a regular controlling in the area IT-security?
Do you use beside a firewall other further security measures (e.g. systems
recognizing an attack, virus scanner for firewalls, content filter etc.)?
Do you have a concept in case of need or a disaster recovery team? Are there
rules for using the internet and the e-mail transfer in your company?
Do exist in your company permanent active virus scanners that are actualised
Do exist in your company any kind of measures for the protection of data
stored in (client-) workstations against threats of intimacy, availability and
Are taught employees in your company regularly on questions of IT-security?
I hope for your company that you can (almost) answer all questions with „Yes“
and congratulate you on this result.