Monday, September 10, 2012

Business Data Security Checklist



 

John Kyriazoglou*

 

A business data security policy and related procedures should include protection controls and measures that cover the following issues:

1. Comprehensive due diligence of all critical staff, including external parties (outsourcing, external suppliers, sub-contractors, etc.). 

2. Authentication of all customers.

3. Non-repudiation and accountability for all on-line transactions.

4. Segregation of duties.

5. Authorization controls.

6. Business data, transactions, records and information integrity.

7. Transactions audit trails.

8. Information confidentiality.

9. Appropriate disclosures for organizational services.

10. Data privacy.

11. Business continuity and contingency planning.

12. Incident response planning for security and other crises.

13. Access controls: encryption, passwords, password control devices, tokens, user authentication devices, anti-hacking tools/techniques, digital signals origin identification, anti-tapping tools/techniques.

14. Data confidentiality.

15. Data integrity.

16. Anti-virus and e-crime detection software.

17. Time stamping.

18. Biometrics.

19. Digital signatures.

20. Smart cards.

 

 

John Kyriazoglou (jkyriazoglou@hotmail.com)

John Kyriazoglou, CICA, B.A (Hon-University of Toronto)

International IT and Management Consultant, author of several books



SSRN Free Publications: http://ssrn.com/author=1315434

 

 

1 comment:

  1. I would also add to this list virtual data rooms, such as Ideals, as one of the most protected services for business data. I think it should be mentioned.
