Information and security audit questionnaire for outsourcing service provider
Information and security audit questionnaire for outsourcing service provider

The following Risk & Compliance precedent provides comprehensive and up to date legal information covering:

  • Information and security audit questionnaire for outsourcing service provider

Please complete, sign and date this questionnaire. You should then return the completed questionnaire to [insert details of relevant person within customer organisation] at [insert address].

Name of [prospective] outsourcing supplier[Insert details]
Address[Insert details]
Brief description of services [to be] outsourced[Insert details]
Date questionnaire completed by [prospective] outsourcing supplier[Insert details]
Signature of authorised representative of [prospective] outsourcing supplier[Insert details]
Name of authorised representative[Insert details]

A: SECURITY POLICIES AND PROCEDURES

Do you have an information security policy?[Insert details]
If yes, please provide a copy[Insert details]
Please describe your arrangements for ensuring physical security of your premises and processing areas, including physical entry controls (if any)[Insert details]
Please describe your arrangements for equipment security and maintenance[Insert details]
Please describe your arrangements for password and access controls[Insert details]
Please describe your arrangements for security of mobile equipment, eg laptops and mobile phones[Insert details]
Please describe your controls against malicious software[Insert details]
How will you preserve security if an event occurs that could compromise business continuity?[Insert details]
How do you monitor system access and use?[Insert details]
Do

Popular documents