Question Bank
Manage assessment questions by domain and category
| ID | Question Text | Domain | Category | Type | Risk Weight | Status | Actions |
|---|---|---|---|---|---|---|---|
| 114 | Do you have a documented Information Security Policy? Overarching security policy |
IT Assets & Investments | Policies & Documentation | YesNo | 2.5 | Active | |
| 121 | How many workstations (desktops/laptops) does your organization have? Total count of employee computers |
IT Assets & Investments | Policies & Documentation | Numeric | 1.0 | Active | |
| 200 | Do you have a documented Information Security Policy? Overarching security policy |
IT Assets & Investments | Policies & Documentation | YesNo | 2.5 | Active | |
| 115 | Do you have a documented Acceptable Use Policy? Guidelines for acceptable use of IT resources |
IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 122 | What percentage of workstations are running Windows 10 or newer? Supported operating system versions |
IT Assets & Investments | Policies & Documentation | Numeric | 2.0 | Active | |
| 201 | Do you have a documented Acceptable Use Policy? Guidelines for acceptable use of IT resources |
IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 116 | Do you have a documented Data Classification Policy? How data should be categorized and protected |
IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 123 | Do you have a complete inventory of all IT assets? Documented list of all hardware and software |
IT Assets & Investments | Policies & Documentation | YesNo | 1.5 | Active | |
| 202 | Do you have a documented Data Classification Policy? How data should be categorized and protected |
IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 117 | Do you have a documented Incident Response Policy? | IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 124 | Do you use Remote Monitoring and Management (RMM) software? Centralized monitoring and management of endpoints |
IT Assets & Investments | Policies & Documentation | YesNo | 1.5 | Active | |
| 203 | Do you have a documented Incident Response Policy? | IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 118 | When were your IT policies last reviewed and updated? Policies should be reviewed annually |
IT Assets & Investments | Policies & Documentation | Date | 1.5 | Active | |
| 125 | If yes, which RMM solution do you use? e.g., NinjaRMM, Datto, ConnectWise |
IT Assets & Investments | Policies & Documentation | Text | 1.0 | Active | |
| 204 | When were your IT policies last reviewed and updated? Policies should be reviewed annually |
IT Assets & Investments | Policies & Documentation | Date | 1.5 | Active | |
| 119 | Do employees acknowledge IT policies annually? Signed acknowledgment of policy awareness |
IT Assets & Investments | Policies & Documentation | YesNo | 1.5 | Active | |
| 126 | Are workstations encrypted? BitLocker, FileVault, or other encryption |
IT Assets & Investments | Policies & Documentation | YesNo | 2.5 | Active | |
| 205 | Do employees acknowledge IT policies annually? Signed acknowledgment of policy awareness |
IT Assets & Investments | Policies & Documentation | YesNo | 1.5 | Active | |
| 120 | Do you have an Information Security Framework adopted? e.g., NIST CSF, ISO 27001, CIS Controls |
IT Assets & Investments | Policies & Documentation | MultipleChoice | 2.0 | Active | |
| 127 | Do end users have local administrator rights on their workstations? Elevated privileges that can increase security risk |
IT Assets & Investments | Policies & Documentation | YesNo | 2.5 | Active | |
| 206 | Do you have an Information Security Framework adopted? e.g., NIST CSF, ISO 27001, CIS Controls |
IT Assets & Investments | Policies & Documentation | MultipleChoice | 2.0 | Active | |
| 128 | Do you have a Mobile Device Management (MDM) solution? Management of mobile phones and tablets |
IT Assets & Investments | Policies & Documentation | YesNo | 2.0 | Active | |
| 129 | If yes, which MDM solution do you use? e.g., Intune, Jamf, MobileIron |
IT Assets & Investments | Policies & Documentation | Text | 1.0 | Active |
Showing 23 of 242 questions
242 Active
0 Inactive