When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this during internal audits to test whether A.5.28 Collection of Evidence is designed, implemented, operating, and evidenced.
Audit checklist
- Evidence procedure covers identification, collection, acquisition, preservation, storage, access, transfer, and disposal.
- Chain-of-custody logs are complete and timestamped.
- Evidence storage is access-controlled and tamper-resistant.
- Forensic copies are used where original evidence must be preserved.
- Evidence collection starts early enough to avoid contamination or destruction.
Evidence requested
- Procedure or guidance reviewed.
- Sample records selected.
- Owner interviewed.
- Evidence location recorded.
- Gaps converted into findings or corrective actions.
Related notes
- Iso27001
- ISO27002
- Template
- Audit
- A5 28
Note Metadata
Aliases: A.5.28 Checklist
Source: 90 Templates/A.5.28 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.