Question Bank
Manage assessment questions by domain and category
| ID | Question Text | Domain | Category | Type | Risk Weight | Status | Actions |
|---|---|---|---|---|---|---|---|
| 59 | Do you have centralized logging for security events? Aggregated logs from systems, applications, network devices |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.0 | Active | |
| 145 | Do you have centralized logging for security events? Aggregated logs from systems, applications, network devices |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.0 | Active | |
| 60 | Do you use a Security Information and Event Management (SIEM) system? Security monitoring and alerting platform |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.0 | Active | |
| 146 | Do you use a Security Information and Event Management (SIEM) system? Security monitoring and alerting platform |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.0 | Active | |
| 61 | If yes, which SIEM solution do you use? e.g., Splunk, Microsoft Sentinel, LogRhythm |
IT Governance & Controls | Security Monitoring & Response | Text | 1.0 | Active | |
| 147 | If yes, which SIEM solution do you use? e.g., Splunk, Microsoft Sentinel, LogRhythm |
IT Governance & Controls | Security Monitoring & Response | Text | 1.0 | Active | |
| 62 | Do you have a Security Operations Center (SOC) monitoring your environment? Internal or outsourced 24/7 security monitoring |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.0 | Active | |
| 148 | Do you have a Security Operations Center (SOC) monitoring your environment? Internal or outsourced 24/7 security monitoring |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.0 | Active | |
| 63 | If yes, is the SOC internal or outsourced? | IT Governance & Controls | Security Monitoring & Response | MultipleChoice | 1.0 | Active | |
| 149 | If yes, is the SOC internal or outsourced? | IT Governance & Controls | Security Monitoring & Response | MultipleChoice | 1.0 | Active | |
| 64 | Do you have an Incident Response Plan? Documented procedures for security incidents |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.5 | Active | |
| 150 | Do you have an Incident Response Plan? Documented procedures for security incidents |
IT Governance & Controls | Security Monitoring & Response | YesNo | 2.5 | Active | |
| 65 | When was your Incident Response Plan last tested? Tabletop exercise or simulation |
IT Governance & Controls | Security Monitoring & Response | Date | 1.5 | Active | |
| 151 | When was your Incident Response Plan last tested? Tabletop exercise or simulation |
IT Governance & Controls | Security Monitoring & Response | Date | 1.5 | Active |
Showing 14 of 242 questions
242 Active
0 Inactive