2023 Security & Compliance Checklist

Jan 4, 2023

2023 is here! Happy New Year, all!

It is time to take a close look at your 2023 schedule and make sure the critical elements of your information security and compliance programs are mapped out, along with a few extra items we think are worth focusing on.

Items you may want to schedule:

  • Information Security Awareness training
  • Policy review, updates, and approval (annually)
  • IT Risk Assessment review and updates
  • Cybersecurity review and updates
  • Ransomware review and update

External security assessment and audits

  • Vulnerability Assessment (internal and external, expected annually)

Internal assessment and audits

  • User account review/audit
  • Cloud infrastructure review
  • User permission testing and audits (suggested quarterly)
  • Testing backups
  • Power generator and UPS testing
  • Firewall configuration and rule review (expected quarterly)
  • Continuing education for IT security and IT administration

Other items that may need attention:

  • Have you remediated all findings from your past audits and examinations?

Have all your employees read and signed your institution’s:

  • Acceptable Use Policy
  • Employee Handbook
  • Confidentiality Agreements

Program Training & Testing:

  • End-user training
  • Walk-through exercises

Partial or Complete Tests of the Following:

  • Business Continuity Plan
  • Disaster Recovery Plan
  • Business Impact Analysis
  • Pandemic Continuity Plan