Financial Services Security Risk Assessment Questionnaire
Organization Overview
Organization Name
Contact Person
Email Address
Phone Number
General Security Policies
Do you have a documented information security policy?
Is the policy reviewed and updated regularly?
Access Control
Is access to sensitive financial data restricted based on role?
Are multi-factor authentication methods enforced?
Network Security
Is your network segmented to isolate financial systems?
Are firewalls and intrusion detection/prevention systems deployed?
Data Protection
Is sensitive financial data encrypted at rest and in transit?
Are regular data backups performed and tested?
Incident Response
Do you have an incident response plan in place?
Has your organization conducted incident response drills?
Vendor Management
Are third-party vendors required to comply with security standards?
Is there a process for assessing vendor security risks?
Comments / Additional Information
Provide any additional information or comments: