Risk Assessment - Hosting Site

다음 자료는 모 외국계 금융회사에서 사용하는 실제 리스크 평가 자료의 일부입니다. 여러분의 회사는 리스크 관리를 체계적으로 하나요?

Operational Risk
Risk AreaInterview QuestionInterview Results

Performance Management

  1. Describe the tools and processes that will be used to monitor network, systemm, and application performance.

  2. Describe the tools/hardware/software in place to enhance system performance (e.g. load blancers, redundancy, etc.).

  3. What are the gaps in your current ability to proactively monitor network system performance and application performance?

  1. We gave separate custom built monitoring and tool systems watching all the applications and components

  2. N.A.

Operations

  1. Does the service provider use write-once technology for storing audit trails and security logs? If not, who may alter these logs?

  2. Does the service provider have documented procedures for evaluating security alerts from operating system and application vendors and for installing security patches and service packs?

  3. Is the operating sysstem on production servers hardened (e.g. web, application, database)? Is there a documented policy for this?

Advertisements

최 재훈

블로그, 페이스북, 트위터 고성능 서버 엔진, 데이터베이스, 지속적인 통합 등 다양한 주제에 관심이 많다.
Close Menu