
Management System Audit Record

Subject: Information Security
Location: All areas
Summary:
Date:
Auditor:
Contact:

Note: The following sample checklist is for a basic information security audit. It is intended to add information security elements to a QMS audit programme. Checks should be modified and added to as necessary. Where an organization has a formal ISMS, a series of more detailed audits would be required.


No. | Check | Results | Action?
1 | There is a documented information security policy, endorsed by the current Chief Executive | |
2 | Workers are aware of the policy and any information security requirements that relate to their role | |
3 | Each user has their own account for using a computer | |
4 | All computers / mobile devices have password-protected logon (Note: there may be specific requirements for password strength) | |
5 | All computers / mobile devices are protected by an up-to-date version of an approved antivirus / security software application | |
6 | All computers / mobile devices are protected by an approved firewall | |
7 | All computers / mobile devices are set to lock when left unused (Note: the time period may be specified) | |
8 | Operating systems and key applications on computers / mobile devices are up-to-date | |
9 | Only authorised applications are installed on computers / mobile devices | |
10 | Wi-fi networks are password-protected, and have WPA2 encryption (Note: Once again, there may be specific requirements for password strength) | |
11 | USB / Flash drive policy is implemented (Note: Use may not be allowed, or may be restricted, and/or there may be requirements for content to be encrypted) | |
12 | Access to server room is restricted to authorized personnel only | |
13 | There is a documented payment card processing policy, endorsed by the current Chief Executive | |
14 | Workers are aware of the policy and any responsibilities / accountabilities that relate to their role | |
15 | Verify that the requirements of the policy are implemented | |
16 | There is a documented social media policy, endorsed by the current Chief Executive | |
17 | Workers are aware of the policy and any responsibilities / accountabilities that relate to their role | |
18 | Verify that the requirements of the policy are implemented | |
19 | Does the contact have any suggestions for improvement to the process? | |

A sample from the www.qudosclub.com online resource library

Copyright Qudos Management P/L 2015 All rights reserved.
