Audit Plan 2011-public

Audit Plan 2011 1. Review of Internet perimeter control a. Evaluate effectiveness of firewall rules b.

Check if audit trail is enabled. c. Check if periodic review is conducted on audit trail. d. Review firewall logs to identify other point of entry/exit e. Review maintenance & support agreement 2. Review of web proxy server a. Identify blocking mechanism b. Review of logs to check effectiveness c. Review of policies d. Review maintenance & support agreement 3. Review of Disaster Recovery Plan Readiness a. Application under DRP b. Recovery Time Objective c. Recovery Point Objective 4. Review of Intranet perimeter control a. Ensure basic segregation of internal network b. Evaluate effectiveness of firewall rules in segregated network 5. Review of bandwidth management a. Review of bandwidth utilization efficiency i. Within HQ ii. Between District & HQ iii. Inter district 6. Review of Security Incidence Handling a. Review SOP in place b. Review past incident 7. Review of human safety in computing environment at a. District & HQ i. Workstation ii. Server Room b. Area of concern i. Electrical leakage ii. Improper connection iii. Dusty hazard iv. Sharp object

Sign up to vote on this title
UsefulNot useful