Sr.No. AUDIT CHECKLISTS ITEMS INTERVIEWED R/Per.

REMARKS Corresponding Officer

1.         Access Control Policy Networks Manager
2.         Business Continuity & Disaster Recovery Networks Manager
Plan
4.         Data Archiving and Retention Policy Networks Manager
5.         Data Destruction and Disposal Policy Networks Manager
6.         Escalation Process Networks Manager
7.         Incident Response Policy Networks Manager
8.         Information Security Policy Networks Manager
10.     Password Policy Networks Manager
12.     User Access Form for Employees Networks Manager
13.     User Access Form for 3rd Parties Networks Manager
14.     Change Management Policy and Process Networks Manager

15.     Backup Management Policy Networks Manager

16.     Last Month’s Incidents Report Networks Manager
17.     HR Processes (Hiring / Termination) Networks Manager
18.     Vulnerability Assessment Reports Networks Manager
19.     Penetration Testing Reports Networks Manager
20.     Incidents Report Last Months Networks Manager
21.     High Level Network Diagrams Networks Manager
22.     Detailed Low Level Network Diagram Networks Manager
23.     Data Flow Diagrams Networks Manager
24.     NTP Diagrams Networks Manager
25.     Access Control Mechanism Networks Manager
26.     Status of Anti Virus (How many Laptops Networks Manager
it is present and how many it is not)

28.     AD Policy Networks Manager

29.     WSUS report Networks Manager
35.     Inventory List of all Network Devices Networks Manager
36.     Inventory List of all Security Appliances Networks Manager

37.     List of Connected Entities ( 3rd Parties) Networks Manager

38.     Roles and Responsibilities of each Networks Manager
vendor ( 3rd Party)
39.     Access Control Matrix Networks Manager
40.     Monitoring of Audit Trails Process Networks Manager
41.     Monitoring of Incidents Process Networks Manager
46.     Servers Complete list of inventory Networks Manager
details, OS details, versions etc
47.     IPSEC Tunnel details Networks Manager
54.     All admin details who is the admin of Networks Manager
what thing (DB Admin, Servers Admin,
Network Devices Admin etc)

55.     Network and Security Devices Admins Networks Manager

61.     Wireless Details Where and at what Networks Manager

points wireless is available
64.     Risk Assessment Report Networks Manager
65.     Change Defaults Security Policy Networks Manager
67.     Data Control and Access Policy Networks Manager
68.     Email Policy Networks Manager
69.     Encryption Policy Networks Manager
70.     Internet Usage Policy Networks Manager
72.     Remote Access Policy Networks Manager
73.     Wireless Security Policy Networks Manager
74.     Acceptable Use Policy Networks Manager
76.     Roles and Responsibilities for each Networks Manager
personnel is defined
77.     Router Rules Review on regular basis ? Networks Manager

78.     Firewall Rules Review on regular basis ? Networks Manager

80.     Authentication policy Networks Manager

81.     Data Privacy Policy for Employees Networks Manager
82.     Data Privacy Policy for Clients Networks Manager
83.     NDA Forms for employees Networks Manager
84.     NDA Forms for rd Parties Networks Manager
85.     Password / Secret Sharing Form Networks Manager
86.     Change Request Form Networks Manager
87.     Incident Responce Process Networks Manager
90.     System / Server Record Form Networks Manager
93.     SLAs Available or not, with whom? Networks Manager
94.     Running Services Review Process Networks Manager
95.     Running Configurations Review Process Networks Manager