Need an short quick self-assessment tool for confidential information handling

[James H Moore <jhmfa () RIT EDU>]

New York State is in the process of finalizing some disclosure laws.  And
there is a crest of concern about confidential information handling.  We are
working on a standard, but my VP wants me to send out a 2 level instrument.
The first is a quick assessment, something like 5-10 questions.

I don't know if I can find 5 reliable indicators for the questionnaire.  But
I need it short otherwise people won't do it.

The short survey should have a threshold that says, if you scored more than
# "yes" responses, you need to do a more detailed survey.

Has anyone already developed something like this?

Jim

- - - -
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
(585) 475-5406 (office)
(585) 475-4122 (lab)
(585) 475-7950 (fax)

"In the middle of difficulty lies opportunity." Albert Einstein

"The release of new internet threats have not created a new problem. It has
merely made more urgent the necessity of solving an existing one." Parallels
quote by Albert Einstein on atomic energy"

Attachment: smime.p7s
Description: