When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this during internal audits to test whether A.5.25 Assessment and Decision on Information Security Events is designed, implemented, operating, and evidenced.
Audit checklist
- Event records show receipt time, triage time, assessor, impact assessment, category, decision, and justification.
- Classification criteria are documented and available to points of contact.
- Major events are confirmed by the incident response role or team.
- Triage targets align with breach notification and contractual timescales.
- Changes to categorization guidance are communicated to points of contact.
Evidence requested
- Procedure or guidance reviewed.
- Sample records selected.
- Owner interviewed.
- Evidence location recorded.
- Gaps converted into findings or corrective actions.
Related notes
- Iso27001
- ISO27002
- Template
- Audit
- A5 25
Note Metadata
Aliases: A.5.25 Checklist
Source: 90 Templates/A.5.25 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.