You are here

How do you know if your computer systems or physical office space are at risk for cybersecurity threats and intrusions? You can utilize free resources that are designed to help everyone, from novices to experts, better understand their technological footprint. You don’t need any special training or knowledge to be proactive today. Approach this as an internal audit to learn about your systems. There are checklists available online that mimic those used by technology and cybersecurity firms. For more information on security audits as well as technology and cybersecurity services, view the resources and links we compiled to help you get started, they're located at the bottom of this page.

The first step is to inventory your municipality’s digital and paper assets. This includes systems and hardware used by officials who conduct business outside the town office (such as individuals who send town-related emails from personal email accounts using his or her home computer).

General Asset Sample Inventory Questions

  1. What kinds of records do you manage?
  2. What format are they in?
  3. How are they stored?
  4. What software and hardware are you using?
  5. What digital security measures are you currently aware of that are in place? (examples include: virus software, password managers, multi-factor authentication, etc.)
  6. How is your physical workspace set up? What kinds of security do you have in place for physical assets? (sign in sheets for visitors, key cards, video cameras, etc.
  7. Who has access to your systems, office space, and passwords?
  8. Do you have a technology use/cybersecurity policy? Is it up to date
  9. How often, if ever, do you or your staff receive training? Who conducts it? What topics?

Review the guidance, checklists, and samples via the links below to customize your own assessment.

Understanding your systems will help you better assess the security currently in place as well as what may be needed. Next, identify questions you have about those systems and assets to share with internal staff or vendors responsible for you municipality’s technology security. We have provided a list of resources below to help you in start this process.

Publication Date: 
Friday, March 01, 2019

Resource Category: