Skip to main content

Security

TODO: insert GovAssure baseline? or excerpt from?

How do you manage accounts used by software, not people?

How does your organisation manage user identities and authentication?

How do you make sure people have the right access for their role?

How do you create and manage user accounts for cloud systems?

How do you manage non-human service accounts in the cloud?

How do you manage risks?

How do you manage staff identities?

How do you reduce the risk from staff with high-level access?

How do you keep your software supply chain secure?

How do you find and fix security problems, vulnerabilities, and misconfigurations?

How do you secure your network and control access?

How do you use two-factor or multi-factor authentication (2FA/MFA)?

How do you manage privileged access?

How does your organisation respond to security breaches and incidents?

Reset Section Save and continue