Contextual Assessment Informational Requirements
BACKGROUND
Understand the history of the organization and its mission
How did your organization form? What are its objectives?
Mission:
Year established:
Brief history:
Summary of current programs?
Upcoming campaigns?
INTERNAL FACTORS
Understand the assets used to achieve the organization’s goals
PHYSICAL
Where are you headquartered?
Address(es):
Reason for chosen location(s):
Do you share this space with anyone outside the organization?
Do you rent, own, borrow this space?
What other facilities do you own or occupy?
E.g. Satellite offices, warehouses, intermittent environments (temporary workspaces, conferences, workshops)
What equipment do you rely on? (Will be explored more deeply in Device Inventory)
Devices (computers, phones, tablets, routers, TVs, any other IoT like thermostat, alexa, etc.)
Provided to employees? Or do employees use their own?
Vehicles
Own, rent?
What other physical infrastructure does the organization depend upon?
Power
What is the regular system for providing power to the organization? On-grid, generator, solar?
What backup power systems are available to the organization?
Travel
Are employees allowed to travel with organization-owned devices? What devices are they likely to travel with?
Are "travel devices" available for employees to use? What is the organizational expectation of their use?
Are employees likely to travel to locations where device theft is common?
Are employees travelling through checkpoints (government, private, bandits, international)?
Trash removal and other janitorial services & recycling
How does the organization dispose of trash?
How does the organization dispose of sensitive documents?
How does the organization manage janitorial services for their workspace?
How does the organization perform cleaning their offices or other workspace?
Who conducts maintenance of physical infrastructure (plumbing, electricity)?
POLITICAL
How are you structured?
Leadership team (executives):
Board:
Management structure:
What politics are in play within the organization?
What are the political affiliations of its board members and leaders? (in general, or any heavily political advisors)
What are current political aspirations of current employees? Is anyone running for office?
What are the internal relationships between members?
Describe past and current internal conflicts -- organizational changes, layoffs & firing
Immigration/Citizenship/Refugee status:
Staff:
Beneficiaries:
ECONOMIC
What is your business model?
Corporate Structure (Non-profit, for-profit, hybrid)
Dependencies
Who are your Clients / Customers / Beneficiaries?
Who are your Donors?
Who are your other Funders (Grantors, Governments)?
Who are your partners for Contracted Services?
Current Financial Situation
Describe your organization’s Financial Health including inputs/outputs
What is your Financial Infrastructure - Where/How are funds stored?
Do you use Formal banking?
Do you keep Cash on hand?
Do you use Informal value transfer?
Seasonality
Are there specific times of year where you conduct certain programs or when fundraising or operations will intensify?
Advertising and Publicity Operations (Avenues for advertising, press, publicity - how is your organization known?)
Current Financial Situation
What is your Internal Cash Flow & Funding Streams?
What are your sources of Funding, grants, & Initiatives?
SOCIAL
Who keeps your organization running?
Number of employees:
Types of employees:
Full-time, part-time, intern, volunteer, contractor
Occupations & Salaries paid
Demographics (ages, genders, ethnicities, tribes):
Staff:
Beneficiaries:
Education
Formal education of staff members
Literacy of staff members
Technological knowledge and proficiency
Living Situations
Geographic dispersal - where do staff live in relation to work?
Where do they live in relation to beneficiaries?
In relation to their family (Diaspora?)?
Living conditions - what are the living conditions for staff?
What is your organization’s culture?
Organizational Practices (of Staff or Beneficiaries)
Which languages are used?
What perspectives on Security exist?
What perspectives on Privacy exist?
Working environment
Office bound?
Remote workers?
“Work from home” culture?
Organizational Practices (of Staff or Beneficiaries)
What norms are realized?
What taboos exist?
Hiring Practices
Describe current hiring practices. How are people screened before employment?
Describe current recruiting initiatives. How are people recruited?
Leisure Activities
Health Conditions
Current issues
Clinic / Medical Care Providers
Insurance Providers
TECHNOLOGICAL
See Device Inventory and Technical assessment
Do you currently have organizational policies for...
Technology Use?
System Access?
Privacy or data protection?
What are your future plans...
For acquiring replacement technologies or solutions?
For digitization of paper records or other assets?
For conducting software upgrades?
LEGAL
Do you have an internal legal team or rely on outside counsel?
What are your statutory & regulatory commitments for...
Business / Financial?
Ethical?
Environmental?
Data protection regulations (GDPR, etc)?
Others?
What are your current contractual obligations?
Have there been past breaches of contract?
Describe your organization’s lawsuits & legal challenges in the...
Past?
Present?
Future (Expected/Planned)?
THREATS
Consider...
Organized Crime
Nation State
Professional Hacker (Individual / Collective)
Hacktivists
Corporations
Terrorism
Criminal (Scammer / Opportunist)
Who were your past threats?
What persons, groups, or organizations have threatened, attacked, or harmed your organization, its employees, or beneficiaries in the past?
Cyberattacks
Physical harms
Other Crimes
What prior attacks has your organization experienced in the past?
Cyberattacks
Physical harms
Other Crimes
Who are your current threats?
What persons, groups, or organizations are your current threats to your organization?
Cyberattacks
Physical harms
Other Crimes
Which persons, groups, or organizations do you feel may harm your organization in the future?
EXTERNAL FACTORS
Factors beyond the organization’s Control, but that are highly relevant to their functioning
####POLITICAL
Support from Government Leadership of Organization’s Missions or Causes
Who are their supporters?
Who are their opponents?
Government Stability
Any recent shifts of power or structure?
Is there turmoil expected turmoil in the future?
Are there ongoing or nascent insurgencies?
External Stakeholders in Organization’s Mission
What other politicians or political groups are involved or impacted by the organization’s work?
What home pressure groups / lobbyists are for / against the organization’s work?
What international pressure groups / lobbyists are for / against the organization’s work?
Corruption in Government
What is the country’s general propensity & accountability for bribery, graft, etc?
Are there past or current corruption scandals involving the above stakeholders?
####ECONOMIC
Home economic situation
Describe the general economic conditions in the home country.
Are there ongoing crises related to recession, hyperinflation, or other decline?
What is the unemployment rate?
Trade Agreements
What other countries are relevant trade partners?
Are any countries involved in an ongoing trade war with the home country?
####SOCIAL
Cultural Practices
What other languages are used in the area of interest?
Are there any prevalent perspectives on Security in this area?
Are there any prevalent perspectives on Privacy in this area?
What cultural norms are relevant?
What cultural taboos are relevant?
Ethnic issues
Are there any ethnic groups that suffer from discrimination?
####TECHNOLOGICAL
Law Enforcement
What means do the area’s law enforcement use to access private digital systems?
What technologies do law enforcement or other government forces use to monitor or collect information on the populace?
Supply chains for Information-sharing
How is information transmitted between community members?
Are there any prevalent attitudes towards online security tools in this area?
####LEGAL
What protections exist for Freedom of Speech?
What are the relevant Privacy Laws?
What are the relevant Data Protection Laws? (GDPR, etc)
What are the relevant Cybersecurity Laws?
Criminality
Who are the major organized crime groups?
What other crimes may be relevant?
####MILITARY
What are current or recent local conflicts? Include terrorism.
Are there any international conflicts involving home country or partners’ home countries?
Are there nearby Installations and bases to the organization’s work?
What capabilities or equipment for collection or intercept may be present?
Last updated