Laserfiche WebLink
City of Elk River <br />L3 Assessment with Roadmap <br />Phase 3— Internal Technical Controls Assessment <br />Internal '1'echnical Controls are the controls that are technical in nature and used within your <br />organization's technical domain (inside the gateways ar firewalls). Internal technical controls include <br />things such as firewalls, intrusion prevention systems, anti-virus software, and mobile device <br />management (MDM). <br />Phase 3 reviews these controls using a combination of interviews with staff and use of tools to <br />perform: <br />• Vulnerability scanning on the internal netwark(s), <br />• Tests for password policies, system permissions, required auditing and system settings that <br />are common in all netwarks. <br />• Tests for user auditing settings, such as their password complexity and logging access <br />tailures and logons that are common in all netwarks. <br />• 1'ests against known good configurations <br />Phase 3 of the S20rgOO assessment consists of the following control sections: <br />►r <br />FRSecure discloses the tools, methods, and contigurations employed during testing to enable your personnel to conduct future testing on a regular <br />basis. <br />The Internal'1'echnical Controls are assessed through: <br />1. Documentation review <br />2. Interviews with the FRSecure Analyst <br />3. Observations made by the FRSecure Analyst <br />4. 1'ools run by FRSecure or your personnel <br />CONFIDENTIAL INFORMATION <br />Tltis document may contain information that is privileged, confidential or otherwise protected from disclosure. Dissemination, dis[ribution or copying of this document or the information herein is prohibi[ed <br />without prior permission of FRSecure. <br />Copyright 2022 FRSecure LLC, All Ri@iu`� ResPrv¢d. Document ID: FRSQ 5515 <br />