- Describe what physical security measures you have in place for unauthorised access to any of your work space (i.e key fob/ID card)?
- How do you dispose of digital media when it is no longer in use and how do you log this?
- How are your systems protected against newly discovered vulnerabilities or threats?
- Do you have an Access Control policy?
- Do you have a documented Data Protection Policy which obliges your organisation and all its employees and/or contractors to comply with Data Protection legislation?
- Do you have any sub-processor contracts?
- Do you have a procedure in place to ensure we are notified without delay of a data breach concerning the personal data of our customers and/or employees?