
2.1 Review of Policies and Procedures

S.no

2.2 Physical and environmental security

S.no

6
7
8
7
2.3 Asset Management

S.no

2
2.4 Logical Access Control

S.no
1
2.5 Endpoint Security

S.no
Observation

We observed that an information security and cyber security policy is not available.

Observation

Fire extinguishers are expired and not working.

The procedures for the safe evacuation of personnel in an emergency are not displayed at prominent places.
Smoke detectors are not installed to identify a fire break-out or any eventuality in the premises.
CCTV logs are currently kept for 13 days, but should be kept for a minimum of 30 days. It is located in the board room without access security.
In TPNFL, UPS systems are not maintained in a separate room, but stored in the board room under dust-free conditions along with old ledgers and records of the branch.
No emergency exit is available in the TPNFL branch.
Security guards are not available in the branch.
No Em
Periodic mock drills and awareness meetings are not conducted in TPNFL.

Observation

It was observed that an asset inventory is not available and assets are not categorized based on their criticality.
Assets are not labeled based on their criticality.

Observation
Reviews of user logs are not maintained at periodic intervals.

Observation
Impact Risk Rating

Without an information security policy, a company could experience security breaches, legal consequences, damage to reputation, financial losses, and a competitive disadvantage. It's important for companies to have a clear policy in place to protect their sensitive data and prevent these negative impacts.

High

Impact Risk Rating

Expired and non-working fire extinguishers can be very dangerous in the event of a fire. Fire extinguishers are important tools that can help control small fires before they get bigger.

High

Medium

Medium

High

High

Medium
High

Medium

Impact Risk Rating

HIGH
Medium

Impact Risk Rating


Low

Impact Risk Rating


Recommendation Management Response

It is recommended to create a strong information security policy. To do so, companies should form a dedicated security team, identify risks and vulnerabilities, develop a clear and comprehensive policy, train employees on best practices, regularly monitor and review the policy, and seek expert advice if necessary. By taking these steps, companies can protect their sensitive data and minimize the risk of security breaches and cyber-attacks.

Recommendation Management Response

It is recommended to do regular maintenance and inspection of fire extinguishers.

Recommendation Management Response

Recommendation Management Response

Recommendation Management Response
