COBRA Due Diligence LITE


PART 1 - PROCESSES

Company Details

What is your organisation's name (for companies: as registered with Companies House)?
Point of contact's name
Point of contact's email address
Point of contact's contact number
What is your organisation's address?
What is your main business?
What is your website address?
What is the size of your organisation?
How many staff are home workers?
How many staff routinely work remotely?
Has the organisation knowingly been the victim of a security breach?
Where you have anti-malware installed, is it set to update daily and scan files automatically upon access?

Scope and Insurance

Does your organisation hold or process personal data (as defined by your country's data protection legislation)?
Do you have cyber insurance protection?

Managing Security

Is your organisation certified to any of the following information security or data protection standards? (Select all that apply)
Under what regulatory platforms do you operate?

Risk Management

When your organisation collects personal data from a subject, do you clearly state what it is being collected for, how it will be processed and who will process it, and does the data subject have to provide consent for this?
Do all staff and contractors receive regular information security and data protection training (at least annually)? (Select all that apply)

Physical and Environmental Security

What physical security measures do you deploy? (Select all that apply)

People

Do you operate from shared workspaces (e.g. WeWork, Regus, etc.)?
Additional Comments

PART 2 - TECHNICAL INFORMATION

List the quantities of tablets and mobile devices in use. 

  • Desktops
  • Laptops
  • Tablets
  • Mobile Phones
  • Servers
  • Virtual Machines

List the operating system types running on laptops, computers, servers and mobile devices within scope
Do you have a nominated security coordinator?

Information Assets and Cloud Services

Is the use of removable media (e.g. USB memory sticks or removable hard drives) permitted on your network/devices?
Is encryption employed on all mobile devices and removable media (e.g. laptops, mobile phones, USB memory sticks)?
Where is your data stored? (Select all that apply)
Do you have a Data Loss Prevention (DLP) capability?
Do you use cloud providers to store company information (such as files, emails, data backups)?
Do you use cloud providers to share company information between employees or with customers (such as instant messaging or collaboration tools)? If so, please list all providers.

Office Firewalls and Internet Gateways

Do you have firewalls at the boundaries between your organisation’s internal networks and the internet?
Do you have software firewalls enabled on all of your computers and laptops?
Do you allow remote access to your network for standard users?

Secure Configuration

Do all your users and administrators use passwords of at least 8 characters?
Is "auto-run" or "auto-play" disabled on all of your systems?

Software Patching

Are all operating systems and firmware on your devices supported by a supplier that produces regular fixes for any security problems?
Are all applications on your devices supported by a supplier that produces regular fixes for any security problems?
Is all software licensed in accordance with the publisher’s recommendations?
Are all high-risk or critical security updates for applications (including any associated files and any plugins such as Adobe Flash) installed within 14 days of release?

Operations and Management

Do you have a Threat Intelligence Capability?
Do you employ an Insider Threat Capability (e.g. Behaviour Analytics)?
Do you employ an anti-ransomware Capability?
Are your IT services outsourced? (e.g. to a 3rd-party IT management company)

User and Administrative Accounts

Do you have processes in place to delete, or disable, any accounts for staff who are no longer with your organisation?
Do you ensure that staff only have the privileges that they need to do their current job?

Malware Protection

Are all of your computers and laptops protected by an anti-virus capability?
Are all of your tablets and mobile phones protected by an anti-virus capability?
Where you have anti-malware software installed, is it set to update daily and scan files automatically upon access?
Where you have anti-malware software installed, is it set to scan web pages you visit and warn you about accessing malicious websites?

Vulnerability Scanning

When was the last time you had a vulnerability scan on your system?

Monitoring

Do you have detection and response capabilities (e.g. Security Event and Incident Management (SIEM) or Managed Detection and Response (MDR))?

Backups and Restore

Are data stored on the business premises backed up regularly (at least weekly) and restores tested at appropriate intervals (at least monthly)?

Incident Management and Business Continuity

Do you report incidents to external bodies as required, such as law enforcement for criminal activity and the relevant authorities (such as the UK ICO) for personal data breaches?
Do you have an incident response plan outlining the actions to be taken in the event of an incident (e.g. security incident, data breach, etc.)?
Do you ensure that business impact assessment, business continuity and disaster recovery plans are produced for your critical information, applications, systems and networks?
Do you review the business continuity and disaster recovery plans at least once per year? Who is involved in the review?
Do you test the business continuity and disaster recovery plans at least once per year by running a simulation exercise that includes cyber incidents?
Additional Comments

DATA PRIVACY

KryptoKloud will:

  • Utilise its own COBRA infrastructure.
  • Handle all business information according to its Data Privacy Policy and all data will be correctly handled and stored to be GDPR aligned.
  • Retain the information for no longer than is necessary for the task in hand.
  • Please visit https://kryptokloud.com/privacy-policy/ for further information.