A PBX Audit Checklist

This list was compiled from a brave posting made on the CISSA's mailing list and then augmented with principles from Protection and Security on the Information Superhighway .

Part N - Organizational Suitability

Check all that apply:

Top management supports PBX protection efforts.
PBX protection is a budget item and is adequately funded.
Mid-level managers respond well to added procedures dedicated to PBX protection.
Employees look forward to training sessions and respond well when tested by outside testers.
Telecommunications and IT people redily agree on who should manage what aspects of PBX protection.
The good of the organization is more important to most employees than building their feifdoms.
There is a clear line of authority for reportiung and responding to intrusions.
Employees demonstrate tollerance toward PBX people when problems are being repaired.
Human resources works well with IT and Telecommunications to facilitate rapid response to job changes.
Employees don't hesitate to inform managers of errant phone behavior.
With maximum value of