Page 1
General Information
Organization Name
Assessment Date
Assessed By
Asset Inventory
Total Number of Devices
Number of Servers
Number of Workstations
Number of Mobile Devices
Number of Network Devices
Threat Assessment
Have there been any security incidents in the last 12 months?
Are there any known vulnerabilities in the systems?
Is there a history of targeted attacks?
What is the likelihood of a successful attack?
Security Controls
Are there access controls in place?
Is data encrypted at rest and in transit?
Is there a incident response plan?
Are employees trained on security best practices?
Risk Scoring
What is the impact of a successful attack?
What is the overall risk score?
Recommendations
Recommended security improvements
Timeline for implementation
Estimated budget for improvements