Information Technology Risk Controls

Approved

Posted by: Admin

Ensuring accurate inventory of the infrastructure, to assure prompt system support and troubleshooting. Read more.

Posted on: 2021-01-20
Approved

Posted by: Riskory

Enabling necessary and/or secure services and protocols. Read more.

Posted on: 2021-01-20
Approved

Posted by: Riskory

Ensuring End-user devices are patched in a timely manner. Read more.

Posted on: 2021-01-20
Approved

Posted by: Riskory

Authorized devices having proper access to network resources Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Strong authentication mechanisms to access systems, applications and data. Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Effective cybersecurity governance framework Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Ensure effective compliance monitoring Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Ensure effective cybersecurity risk management framework & practices Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Ensure effective management over the inventory of IT hardware (and virtual) systems Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Ensure Roles and Responsibilities are clearly defined, documented, approved by Management and communicated Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Ensure effective cybersecurity awareness programs Read more.

Posted on: 2021-01-21
Approved

Posted by: Riskory

Ensure strong authentication mechanisms and user access management controls are in place to protect the corporate systems, applications and data. Read more.

Posted on: 2021-01-22
Approved

Posted by: Riskory

Ensure defined or effectively implemented user account management procedures for requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges. Read more.

Posted on: 2021-01-22
Approved

Posted by: Riskory

Ensure effective security monitoring activities Read more.

Posted on: 2021-01-22
Approved

Posted by: Riskory

Ensure effective coordination in the incident response process. Read more.

Posted on: 2021-01-22
Approved

Posted by: Riskory

Ensure proper classification and protection of business information assets Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure proper and patched security vulnerabilities of IT components and systems Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure proper, consistent and/or secure configurations of network devices Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure proper, consistent and/or secure configurations of IT systems, e.g., running default and/or secure system services Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure Preventive, detective and corrective measures that are properly enabled across the organization to protect information systems and technology from malware (e.g., viruses, worms, spyware, and spam) Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure existent, adequate and/or effectively implemented change management framework Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure proper segmentation of Internal networks Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure only authorized machines are connecting to the network Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure properly controlled remote access to corporate network Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure that Applications are securely developed, configured, managed and monitored. Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure controlled SAP/EPIC authorization Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure adequate High-availability architecture is in place. Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure defined and effectively implemented procedures for backup and recovery Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure effective IT Disaster Recovery Plan (DRP) is in place Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure that Obsolete or underutilized hardware are properly decommissioned. Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure proper obsolescence plan and criteria is in place. Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure Identity Management is in place to manage the user lifecycle from onboarding to termination/offboarding. Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure security baselines are defined, monitored, and enforced on IT infrastructure devices. Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure resilience of the Infrastructure/Systems Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Robust controls are in place to ensure that contract objectives, service levels, maintenance, and support services are adequately delivered, meet customer needs, and are in compliance with the contract requirements.... Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure timely patching of corporate applications and their supporting components Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure monitoring the application security implementation and ensuring re-accreditation Read more.

Posted on: 2021-01-23
Approved

Posted by: Riskory

Ensure that Applications are hardened according to the approved Security Baselines Read more.

Posted on: 2021-01-24
Approved

Posted by: Riskory

Ensure strong access controls and formalized procedures for the assignment of system privileges to access corporate systems, applications and data, Read more.

Posted on: 2021-01-24
Approved

Posted by: Riskory

Ensure the existence of proper data classification mechanisms and encryption Read more.

Posted on: 2021-01-24
Approved

Posted by: Riskory

Ensure adequate logging and monitoring activities are implemented. Read more.

Posted on: 2021-01-24
Approved

Posted by: Riskory

Ensure existence of a formal charter with comprehensive roles and responsibility Read more.

Posted on: 2021-01-25
Approved

Posted by: Riskory

Ensure properly developed and maintained set of corporate standards and guidelines for security configuration baselines. Read more.

Posted on: 2021-01-25
Approved

Posted by: Riskory

Ensure that operation required tasks are carried out adequately, consistently and securely Read more.

Posted on: 2021-01-25
Approved

Posted by: Riskory

Ensure proper storage capacity and existence of good capacity planning Read more.

Posted on: 2021-01-26
Approved

Posted by: Riskory

Ensure proper business data retention policies and mechanisms are in place. Read more.

Posted on: 2021-01-26
Approved

Posted by: Riskory

Ensure Properly implemented controls for establishing and removing connectivity avenues to internal / extranet resources Read more.

Posted on: 2021-01-27
Approved

Posted by: Riskory

Ensure adequate performance and availability monitoring is in place. Read more.

Posted on: 2021-01-28
Approved

Posted by: Riskory

Ensure accurate inventory of the infrastructure, to assure prompt system support and troubleshooting Read more.

Posted on: 2021-01-28
Approved

Posted by: Riskory

ensure properly designed infrastructure architecture to protect the corporate network and connected resources, and ensure its resiliance. Read more.

Posted on: 2021-01-28
Approved

Posted by: Riskory

Ensure that contract procurement is conducted per the adopted Standard Operating Procedures (SOP), and policies. Read more.

Posted on: 2021-02-12
Approved

Posted by: Yaagoub AlNujaidi

Ensure that up to date accurate and comprehensive Active Directory check and controls are in place. Read more.

Posted on: 2021-02-23
Approved

Posted by: Yaagoub AlNujaidi

Ensure that Active Directory Group Policy and Security Settings are up-to-date and complies with the corporate policies, standards, and industry best practices. Read more.

Posted on: 2021-02-23