Escolar Documentos
Profissional Documentos
Cultura Documentos
Subject
Location
Information Security
All areas
Date
Auditor
Contact
No.
1
2
3
4
6
7
8
9
10
Check
There is a documented information
security policy, endorsed by the
current Chief Executive
Workers are aware of the policy
and any information security
requirements that relate to their
role
Each user has their own account
for using a computer
All computers / mobile devices have
password-protected logon (Note: there
may be specific requirements for
password strength)
All computers / mobile devices are
protected by an up-to-date version of
an approved antivirus / security
software application
All computers / mobile devices are
protected by an approved firewall
All computers / mobile devices are set
to lock when left unused (Note: the time
period may be specified)
Operating systems and key
applications on computers / mobile
devices are up-to-date
Only authorised applications are
installed on computers / mobile
devices
Wi-fi networks are passwordprotected, and have WPA2
Results
Action?
No.
11
12
13
14
15
16
17
18
19
Check
encryption (Note: Once again, there
may be specific requirements for
password strength)
USB / Flash drive policy is
implemented
(Note: Use may be not allowed, or
restricted, and/or there may be
requirements for content to be
encrypted)
Access to server room is restricted to
authorized personnel only
There is a documented payment
card processing policy, endorsed
by the current Chief Executive
Workers are aware of the policy
and any responsibilities /
accountabilities that relate to their
role
Verify that the requirements of the
policy are implemented
There is a documented social
media policy, endorsed by the
current Chief Executive
Workers are aware of the policy
and any responsibilities /
accountabilities that relate to their
role
Verify that the requirements of the
policy are implemented
Does the contact have any suggestions
for improvement to the process
Results
Action?