Do I need a check up? How often should you check? What are the standards? How will I know it will work when I need it to? 
All good questions, with easy answers. Yes you should check, Yes there are standards but it’s okay if you make your own, you’ll know because you’ve checked, and a check up never hurts. Might be embarrassing, but never hurts.
So you’ve taken the time to seek out advise on best practices and required legislative measures in security and risk management. You’ve written policies and procedures that fit your business perfectly. You’ve taken the time to train your staff and what is expected and what will be implemented. So now what?
Check it. Do all of those policies still apply today? Do they need updating, editing, revisions? If so, get them done. At minimum you should be reviewing this portfolio at least once a year, depending on your business and industry it may be more frequent than that.
Do all the staff remember what they should be doing or need to do? Small refresher meetings can assist, e-newsletter reminders would hurt either.
Does the equipment you purchased to help your security and risk management efforts still perform to your expectations? If not, contact your service provider and have what ever the issue is rectified. Better yet, have preventative maintenance performed at least once a year.
Better to find concerns now before it’s too late. The last thing you want to happen, is to have an event that impacts your business and the plans that you thought were in place had a few holes in them. Nothing major, but effects the process still the same.
You know what they say, ‘An ounce of prevention is worth a pound of cure.’