Posted on 2009-05-05
I wonder if you could provide a basic overview on what types of security assessment, audits etc you perform on your IT infrastrucuture, and how often you perform it, i.e. assess your firewall every quarter, your physical security every 6 months, your IDS 6 monthly etc etc.
We have come up with some plans to fit in security assessments of certain components of our IT infrastructure and security, to be performed by an external vendor but would just like to compare the plans to your setup.
Any pointers most welcome, and timelines on how often you assess certain parts of your IT setup, infrastructure and key systems would be most appreciated.