SSCL Security Test

1.

1 point

Use of business email address to register with social networks is strictly prohibited

True

False

2.

3 points

SSCL’s business objectives are:

Understand and deal with the causes of poverty.

Improve customer experience

Reduce costs that support the delivery of civil service reform and the Next generation Shared services

Create and develop a sustainable and growing business

3.

3 points

SSCL’s business objectives can be achieved by:

By using business email address to register with social networks

By employing customer focused and high performing staff that are engaged through opportunities, a thriving atmosphere and share in the ownership of the business

Controlling costs and maximizing resource efficiency

Expanding the service volume and developing increasingly new value added services.

4.

3 points

MOJ is responsible for

Probation Services

Prisons

Pensions

Courts

5.

2 points

Whistleblowing is about reporting malpractice which may include

Financial malpractice & Failures to comply with applicable regulations e.g., health and safety guidance

Drug or alcohol abuse & Withholding evidence from an internal or external authority

Reckless conduct in the workplace

All the above

6.

1 point

How many competencies’ do we have in Steria?

8

6

5

7

7.

1 point

You receive an email with an attachment written as Top secret. What would you do?

Forward it to your colleagues

Delete the email

Inform the available lead

Ignore the email

8.

2 points

Which are the Technical security controls of the below?

Firewalls

Spyware

Access control

All of the above

9.

1 point

We must ensure that the appropriate Security Classification is applied to all information.

True

False

10.

1 point

Any employee must not divulge any information relating to SSCL on Social Media platforms.

True

False

11.

1 point

What are the impacts on not reporting?

Not reporting incidents in a timely manner could have a significant effect on the efficient operation of SSCL

It may result in financial loss and an inability to provide necessary services to SSCL consumers

All the above

None of the above

12.

1 point

The department of work and Pensions is responsible for welfare, pensions and child maintenance policy?

True

False

13.

1 point

Information Security is the practice of defending information and systems from unauthorized

Access & Disclosure & Disruption

Use & Modification & Destruction

All of the above

None of the above

14.

4 points

Select from the below list the Record Types:

Databases held on mainframe systems, for example SAP

Desktop e.g. Word, PowerPoint, Access, Excel, SharePoint and similar applications

Electronic

Soft copy

Electronic communications e.g. email, instant messaging, video, voice, intranet product pages and CCTV

15.

1 point

Whose responsibility is to ensure that SSCL complies with all statutory, business, audit, regulatory and other requirements concerning record retention?

Line Manager

Legal Department

Employee’s

16.

1 point

Security incidents should be reported to

SSCL.Security@omni.probation.gsi.gov.uk

sscl_security.in@soprasteria.com

17.

1 point

Select the Record Management Policy Objectives from the below list?

key records are maintained and reviewed regularly

there is a clearly identified retention period for each record type

once records are no longer required (as defined by the applicable data retention period) they are destroyed or transferred to a safe, secure and confidential central store or archive

All the above

18.

1 point

What are your security responsibilities – Emails?

Do not share your email account with others

Do not disseminate inappropriate or offensive material

Be aware that SSCL email systems are monitored

All the above

19.

1 point

Which of below is NOT Steria competency?

Service Excellence

Teamwork

Leadership

Personal Development

20.

1 point

SIRO stands for

Simultaneous Intersecting Runway Operations

Senior Information Risk Owner

Strategic Interdisciplinary Research Officer

Service in Random Order

21.

1 point

Good physical and security practice includes

Always displaying you Steria identity badge

Invoking password protected screen saver before leaving laptop

All of the above

None of the above

22.

2 points

The Security Incident Management Policy objectives are to mitigate the following risks:

To help identify and deal with areas for improvement to decrease the risk and impact of future incidents.

To reduce the impact of information security breaches by ensuring incidents are followed up consistently and correctly

To help identify and deal with areas for improvement and include on the form

To identify that no sensitive information should be included on the form.

23.

1 point

Who is the Marketing and Client Engagement Director?

Monica Owen

Chris Ashburn

Clare Edwards

24.

2 points

What are your security responsibilities – Identification?

Challenge anyone not displaying an ID Badge

Do not allow anybody to “tailgate” behind you

Breaches must be reported to SSCL Security Team

25.

4 points

Select from the below list the Record Categories:

Accounting/Tax

Corporate Entity

Customer

Legal/Regulatory

None of the above

26.

1 point

Any one type of ‘Technical Security Control’:

Security Policies

CCTV

Encryption

None of the above

27.

1 point

Which of the below will lead to 5 rating?

Misbehavior

SIR, PIP

Warning via email, letter or verbal

All of the above

28.

4 points

Your Security responsibilities – Telephone Use

Ensure personal conversations are kept to a minimum

Be mindful of who can hear you when discussing SSCL business

Keep conversation private

Ensure content of discussion are as least sensitive as possible

29.

2 points

What is the ratio of performance rating (data driven) and of competency rating?

65:35

60:40

70:30

50:50

30.

1 point

SSCL Joined Venture is owned by Steria & Cabinet Office as below ratio

25:75

80:20

90:10

75:25