| 💼 a. personal versus corporate use of information assets; | | | | | no data |
| 💼 b. email usage, internet usage (including social networking) and malwareprotection; | | | | | no data |
| 💼 c. physical protection, remote computing and usage of mobile devices; | | | | | no data |
| 💼 d. awareness of common attack techniques targeted at personnel and facilities (e.g. social engineering, tailgating); | | | | | no data |
| 💼 e. access controls, including standards relating to passwords and other authentication requirements; | | | | | no data |
| 💼 f. responsibilities with respect to any end-user developed/configured software (including spreadsheets, databases and office automation); | | | | | no data |
| 💼 g. expectations of staff where bring-your-own-device is an option; | | | | | no data |
| 💼 h. handling of sensitive data; | | | | | no data |
| 💼 i. reporting of information security incidents and concerns. | | | | | no data |