This repository includes the following files, which should help perform a DIY Risk Assessment, as well as help improve security. It includes the following files:
- autid.ps1 - PowerShell script for auditing Active Directory users and groups
- auditAD.pl - Perl script that compares security group memberships to those configured in auditAD.xml
- auditAD.xml - XML that holds the "master" AD group membership configuration (put it in a versioning system and provide an authorization reference with each update)
- Basic Vendor Assessment.xlsx - Sample questions to consider when evaluating critical vendors
- DIY Risk Assessment.docx - Starting point for performing the DIY risk assessment
- Resources.txt - List of Internet links for other helpful resources
- Risk Register Template.xls - A great example of a risk register
- Security Governance Meeting Agenda.docx - Sample agenda of a periodic security governance meeting
- Vendor Security Risk Assessment report - In Depth.pdf - A more in-depth example of a risk assessment that can be applied to vendors or as a DIY self-assessment
Use all of the documents at your own risk, this collection is geared at helping people get started...