Annual security audit checklist

From Wikimedia UK
Jump to: navigation, search
Comment This policy was adopted by the Board on 9 February 2013. It is part of a series of IT Security Policy.
Task Name Description Status Completed
Payment Providers PCI Compliance Upload most recent certifications of providers to relevant page on UK Wiki Due Sept 2013 -
Security Audit Conduct a security audit - check staff and volunteers complying with procedures To do
Archive 'Fundraising@' email Check emails deleted and folders compacted on a quarterly basis Due Sept 2013
Legal briefing to staff Provide update briefing to members of staff on changes to the law and implications To do
Update staff training Provide update briefing to members of staff on any set-up and policy changes as a result of audit To do
Cardholder data policy Review policy and seek to agree amendments to reflect current circumstances Due Sept 2013
Data breach policy Review policy and seek to agree amendments to reflect current circumstances Due Sept 2013
IT Security policy Review policy and seek to agree amendments to reflect current circumstances Due Sept 2013
Donor Privacy Policy Review policy and seek to agree amendments to reflect current circumstances Due Sept 2013