Information

  • Audit Title

  • Document No.

  • Client / Site

  • Conducted on

  • Prepared by

  • Location
  • Personnel

  • Ready?

Risk Assessment

  • Has a security risk assessment been executed

  • Have secure area's been defined

  • Is the risk assessment up-to-date

  • ICT security risk assessments<br>

  • ICT continuity

Security policies & plans

  • Has a security plan been defined (in line with risk assessment)?

  • Has a security policy been defined

  • Has a document classification policy been defined

  • Has clear desk policy been defined

  • Are security rounds and clear desk checks planned

  • Is a key management policy in place

  • Contingency/Disaster recovery plan

Controls

  • Access control systems in place (keys or card readers) in line with secure areas defined?<br>

  • How is authorization, registration and review of authorization of keys and badges organized?

  • Safe storage of keys and badges

  • Access control systems in place (IT systems)?<br>

  • How is authorization and review of authorization of IT systems organized?

  • Is the password of admin user stored safely?

  • Are backups made ?

  • Safe storage of backup media

  • Results of clear desk rounds documented?

  • Follow up on clear desk rounds?

Generics

  • Notes

  • Open issues

  • Possitives

  • Findings

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.