The list provided here at jdsupra.com is a good start. There are a few more we add to the mix, but the answers may not come as easy. It may mean a change to hiring policies in a number of areas of your organization, to maybe a complete overhaul in areas you thought to be secure. It also important to remember that you will and should be asking these question on a pretty routine and frequent basis as technology improves in this area and its usually because the guys and gals who break in have perfected a hack or exploited a vulnerability. All of these is what makes hiring that IT Security person a challenge to hire and often keep.