This free survey is powered by QUESTIONPRO.COM
  1. Surveys
  2. 2012
  3. April
  4. I
  5. IT Security in Todays Legislative Framework - COPI
0%
 

Hello, my name is Lesley Chaddock and I am currently undertaking a project on the complexities of implementing IT security procedures in today’s legislative framework. This project is in partial fulfilment of the requirements for the degree of Master of Science.


As such you are invited to participate in the following survey and to answer the questions as openly and honestly as you feel able.


For each fully completed survey I receive, I will make a donation to Oxfam to help them to continue with the excellent work they do throughout our world.


An outcome of the project is to develop a practical guide to assist in identifying relevant legislation and prioritising appropriate IT security Best Practice. You may submit your survey anonymously but if you would like to receive a copy of this guide you are invited to submit your email address at the end.


Thank you very much for your time and support. Please start with the survey now by clicking on the Continue button below.
 
 

1. Please indicate the size of the Company that you work for:
 
Less than 50 employees?
 
51 - 250 employees?
 
251 - 500 employees?
 
501 - 1000 employees?
 
Greater than 1001 employees
 
 
 
* 2. Please provide your job title.
   
 
 

3. Please indicate whether you have a dedicated IT department in your Company.
 
Yes
 
No
 
IT is outsourced
 
Other
 
 
 

4. If the answer to the previous question was Yes - how many people are employed within that department?
 
Less than 3?
 
Between 4 and 9?
 
10 or more?
 
Not dedicated?
 
Other
 
 
 

5. Which department in your Company is responsible for security?
 
IT
 
HR
 
Don't know
 
Other
 
 
 

6. Which department in your Company is responsible for Data Protection?
 
IT
 
HR
 
Don't know
 
Other
 
 
 

7. Do you have an IT Security Policy (either as a document in its own right or as part of an overall IT Policy)?
 
Yes - separate document
 
Yes - part of IT Policy
 
No
 
 

8. Does the IT/Security Policy form part of the Contract of Employment?
 
Yes
 
No
 
Don't know
 
Other
 
 
 

9. When was your IT Security Policy last updated?
 
Within the last 6 months?
 
Don't know
 
Other
 
 
 

10. When do you next plan to update the IT Security Policy?
 
Within the next 6 months?
 
Other
 
 
 

11. If the IT Security Policy has been recently updated were all employees made aware of the specific changes?
 
Yes
 
No
 
Other
 
 
 

12. Does the IT Security Policy clearly define what might be considered as misuse of the Company IT systems?
 
Yes
 
No
 
 

13. Does the IT Security Policy clearly define any disciplinary actions that may be taken in the event of misuse of the Company IT systems?
 
Yes
 
No
 
 

14. Does your IT Security Policy identify all legislation with which your company aims to comply?
 
Yes
 
No
 
Don't know
 
Other
 
 
 

15. Is compliance with your overall IT Security Policy audited?
 
Yes
 
No
 
Don't know
 
Other
 
 
 

16. If it is audited - is this a manual or automated process?
 
Manual
 
Automated
 
 

17. How often is your IT Security (and Policy) audited?
 
Annually
 
More often
 
Less often - please detail
 
 

18. If you do not currently have an IT Security Policy - are you planning to implement one?
 
Yes
 
No
 
Don't Know
 
Already have one
 
Other - please detail.
 
 
 

19. Do you have specific procedures/checklists in place to cover leavers (this includes dismissal or redundancy)?
 
Yes
 
No
 
Don't know
 
 

20. Is data properly erased from hardware/media before disposal?
Note: By properly we mean using a specific software tool rather than a simple del *.* or reformatting.
 
No
 
Yes - please detail (if possible)
 
 

21. Does your Company monitor your employees' use of eMail?
 
Yes
 
No
 
 

22. If you do monitor eMail - do your employees know that they are being monitored?
 
Yes (covered in IT/Security Policy)
 
No
 
 

23. If eMail is monitored are regular reports issued to management?
 
Yes
 
No
 
Don't know
 
 

24. Does your Company monitor your employees' use of the Internet?
 
Yes
 
No
 
Don't know
 
 

25. If Internet use is monitored - do your employees know that they are being monitored?
 
Yes (covered in IT/Security Policy)
 
No
 
Other
 
 
 

26. If Internet use is monitored - are regular reports issued to management?
 
Yes
 
No
 
Don't know
 
 

27. Does your Company allow access to 'non-Company' webmail systems? (i.e. Hotmail)
 
Yes
 
No
 
 

28. Does your Company ban access to specific web sites?
 
No
 
Yes - Please detail categories (gambling, banking, etc.)
 
 

29. Do you know who, in your company, is responsible for ensuring that Corporate Governance issues, which include compliance with relevant legislation, are complied with?
 
You
 
IT Director/CTO
 
Company Secretary
 
Don't know
 
Other
 
 
 

30. Are you aware of any current misuse of IT systems within your Company?
 
Yes
 
No
 
Rather not say
 
 

31. If you are aware of any misuse, how was it discovered?
 
Routine monitoring?
 
Another employee reported it?
 
Other - please detail
 
 

32. Are you aware of any incidents of misuse of IT systems within your Company in the last 12 months?
 
Yes
 
No
 
Rather not say
 
Don't know
 
 
33. In your opinion, do you think that companies are generally taking IT security seriously and that they are on top of current legislation?
Agree Neutral Disagree
Please indicate:
 
Please contact [email protected] or click here if you have any questions regarding this survey.
Survey Software Powered by QuestionPro Survey Software