HTML Preview Security Audit Checklist page number 1.
C
YBER SECURITY CONTROLS CHECKLIST
This is a simple checklist designed to identify and document the existence and status for a
recommended basic set of cyber security controls (policies, standards, and procedures) for an
organization. Security controls are designed to reduce and/or eliminate the identified
threat/vulnerabilities that place an organization at risk.
PERSONELL SECURITY Yes No
1. Does your staff wear ID badges?
○ ○
2. Is a current picture part of the ID badge?
○ ○
3. Are authorized access levels and type (employee, contractor, visitor) identified
on the Badge?
○ ○
4. Do you check the credentials of external contractors?
○ ○
5. Do you have policies addressing background checks for employees and
contractors?
○ ○
6. Do you have a process for effectively cutting off access to facilities and
information systems when an employee/contractor terminates employment?
○ ○
PHYSICAL SECURITY Yes No
7. Do you have policies and procedures that address allowing authorized and
limiting unauthorized physical access to electronic information systems and the
facilities in which they are housed?
○ ○
8. Do your policies and procedures specify the methods used to control physical
access to your secure areas, such as door locks, access control systems,
security officers, or video monitoring?
○ ○
9. Is access to your computing area controlled (single point, reception or security
desk, sign-in/sign-out log, temporary/visitor badges)?
○ ○