Internal Policy Form DEMO

Privacy and Data Security

Include this topic for information about data handling and protection, data privacy, collecting data online, storage and security and lost or stolen data.


Does your business handle or store sensitive data or data that includes personal information about your employees or your customers?





Privacy & Security

Scams and Fraud

Include this topic for information about phishing, social engineering, online fraud, identity theft, malicious software, telephone scams and more.


All businesses can be susceptible to scams and fraud. Therefore, we recommend this topic be part of any basic cyber security plan. Do you wish to include this section?





Scams & Fraud

Network Security

Include this topic for information about computer networks, password policies, secure wireless connections, encryption, remote access, Internet access and more.


Does your business have an internal network – a group of computers connected together – and/or a Wireless Local Area Network (e.g, a WiFi router)?





Network Security

Website Security

Include this topic for information about securing a public website, including server security, login and transaction encryption, Web applications, links and redirects.


Does your small business have a public website?





Website Security

Email

Include this topic for information about filtering, employee training, email retention and management, and creating email policies.


Do you use either a business email account or personal email account to conduct business or interact with customers and/or employees?





Email

Mobile Devices

Include this topic for information about mobile security practices, threats and emergency preparedness planning for small businesses and their employees.


Does your business use any Internet-connected mobile technology, such as smartphones, laptops and tablets?





Mobile Devices

Employees

Include this topic for information about hiring, background checks, partner companies, access controls and security training.


Does your business have more than one employee?





Employees

Facility Security

Include this topic for information about your companyas physical security, including protection pf printed material, mail security and disposal of trash and electronic equipment.


Does your small business have physical assets that need to be protected, including printed material and electronic equipment?





Facility Security

Operational Security

Include this topic for information about developing a plan to secure information and networks critical to business operations.


Does your small business store data that would be valuable to cyber criminals, such as proprietary information valuable to your company's operations or sensitive customer data, such as personally identifiable information?





Operational Security

Payment Cards

Include this topic for information about electronic transactions, secure services, access to payment systems, protecting and storing customer data and more.


Does your business accept credit card payments or other electronic payments?





Payment Cards

Incident Response and Reporting

Include this topic for information about phishing, social engineering, online fraud, identity theft, malicious software, telephone scams and more.


All businesses should include an understanding of how to respond to a cyber attack as part of any basic cyber security plan, and thus we recommend you include this section. Do you wish to include?





Incident Response and Reporting

Policy Development, Management

Include this topic for information about developing security policies, roles and responsibilities, employee behavior and protecting your company’s reputation.


All business with employees can benefit from having written security policies and procedures. Do you wish to include this section?





Policy Development, Management



© 2023 - Association of Artificial Intelligence, AiCatalyst.gr