Security Training Organizational Questionnaire

The following questions are intended to provoke discussion more than nail down concrete answers. Feel free to answer as loosely or specifically as you feel useful to your organizing needs.

Social Media

Answer for each of the social media accounts you use regularly.

  1. Do you post from an organizational account, from your organizers' individual work accounts, or from your organizer's personal accounts?

  2. If posting from an organizational account, can you identify the individuals personal accounts from your posts (e.g. via likes, reposts, etc)?

Web and Email

Answer for each of your web sites/email domains.

  1. Where is your web site hosted? Who has access to make changes to it?

  2. Where is your email hosted? Who has access to add/delete accounts?

Password management

  1. How do you share passwords for organizational resources?

Instant Messaging

  1. Do you use any instant message services? If so which ones?

Devices

  1. What devices do you use in your office. Please give a rough approximation of: Servers, Desktop computers, Laptop computers, cell phones and others.

  2. Do you have any equipment policy on how these devices should be setup (password protection, encrypted disks, etc)

Database

  1. Do you have any organizational databases (including services for action alerts, sending email, accepting or managing donations, etc)? Please describe all that are in active use.

Sharing Documents

  1. Do you have a file server? Or do you use an online service like ownCloud, Dropbox or Google Docs?

Policies on technology/communications

  1. Do you have any policies on how your organizers should use technology? For example, guidelines on social media, what topics should be discussed on what mediums, what devices are allowed to be used and whether they need to be encrypted, etc.

Training and Capacity

  1. Do you have a standard training/orientation when new people begin using your organization's technology?
  2. Do you have a staff person in charge of maintaining your infrastructure? Do they have the resources to properly do their job?

Backups

  1. What data is backed up and where? For example:
    1. Data stored on a server you manage?
    2. Data stored only on an organizer's computer but not shared?
    3. Or, data stored on Google Docs - if your account is suddenly revoked?
    4. Or, if your database goes down, do you have a backup?
Training Category: 
Data Culture
Security