Who currently receives security or compliance questions?
Who documents or maintains security/IT compliance tasks?
Who would leadership blame if there was a cybersecurity incident tomorrow?
Who completed the last cyber insurance renewal or audit questionnaire?
1 out of 3
Have you been explicitly told you are the DQI / Security Officer?
Do multiple departments come to you for guidance about: risk, compliance, or security?
Do you oversee or sign off on anything related to: • access control • training • policies • vendor security • incident response?**
2 out of 3
If an auditor walked in tomorrow, how prepared would you feel?
Do you have the 7 core DQI documents completed? • Risk Assessment • Policies • Incident Response Plan • Access Control Records • Training Records • Vendor Management • Monitoring Evidence
Do you have a 12-month cybersecurity/compliance roadmap?
3 out of 3
