Annual security audit checklist
Jump to navigation
Jump to search
|
This policy was adopted by the Board on 9 February 2013. It is part of a series of IT Security Policy. |
| Task Name | Description | Status | Completed |
|---|---|---|---|
| Payment Providers PCI Compliance | Upload most recent certifications of providers to relevant page on UK Wiki | Due Sept 2013 | - |
| Security Audit | Conduct a security audit - check staff and volunteers complying with procedures | To do | |
| Archive 'Fundraising@' email | Check emails deleted and folders compacted on a quarterly basis | Due Sept 2013 | |
| Legal briefing to staff | Provide update briefing to members of staff on changes to the law and implications | To do | |
| Update staff training | Provide update briefing to members of staff on any set-up and policy changes as a result of audit | To do | |
| Cardholder data policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 | |
| Data breach policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 | |
| IT Security policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 | |
| Donor Privacy Policy | Review policy and seek to agree amendments to reflect current circumstances | Due Sept 2013 |