Completing the 2018 Baseline Assessment

Yesterday, we held our termly Information Security Special Interest Group (SIG). Among the many topics discussed, we presented a series of updates, clarifications and suggestions to make it easier for you to complete this year's baseline security assessment. This included:

  • How to determine which 3rd parties require information security due diligence
  • Avoiding common misunderstandings on some high-level and technical controls
  • A template you can use to record changes to your technical infrastructure
  • A way of keeping tabs on who has permission to access the different parts of your Windows file shares
  • A list of which data you should record when dealing with incidents
  • A quick reference guide to a number of ready to use resources available from our SharePoint site

To find out more, check out the slides available at and download a copy of the changelog template from