Risk Assessment - Hosting Site

  • Post author:
  • Post category:
  • Post comments:0 Comments
  • Post last modified:August 28, 2006

다음 자료는 모 외국계 금융회사에서 사용하는 실제 리스크 평가 자료의 일부입니다. 여러분의 회사는 리스크 관리를 체계적으로 하나요?

Operational Risk
Risk Area Interview Question Interview Results

Performance Management

  1. Describe the tools and processes that will be used to monitor network, systemm, and application performance.

  2. Describe the tools/hardware/software in place to enhance system performance (e.g. load blancers, redundancy, etc.).

  3. What are the gaps in your current ability to proactively monitor network system performance and application performance?

  1. We gave separate custom built monitoring and tool systems watching all the applications and components

  2. N.A.

Operations

  1. Does the service provider use write-once technology for storing audit trails and security logs? If not, who may alter these logs?

  2. Does the service provider have documented procedures for evaluating security alerts from operating system and application vendors and for installing security patches and service packs?

  3. Is the operating sysstem on production servers hardened (e.g. web, application, database)? Is there a documented policy for this?

Author Details
Kubernetes, DevSecOps, AWS, 클라우드 보안, 클라우드 비용관리, SaaS 의 활용과 내재화 등 소프트웨어 개발 전반에 도움이 필요하다면 도움을 요청하세요. 지인이라면 가볍게 도와드리겠습니다. 전문적인 도움이 필요하다면 저의 현업에 방해가 되지 않는 선에서 협의가능합니다.
0 0 votes
Article Rating
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments