UnixTime

Research Note

A.5.32 Audit Checklist

Use this during internal audits to test whether A.5.32 Intellectual Property Rights is designed, implemented, operating, and evidenced.

On this page

When to use this

Practical use

Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.

Use this during internal audits to test whether A.5.32 Intellectual Property Rights is designed, implemented, operating, and evidenced.

Audit checklist

  • IP handling procedures cover software, documents, source code, libraries, trademarks, designs, patents, subscription content, and AI-generated material.
  • Software and content inventories map licences to actual use, devices, users, restrictions, renewal dates, and evidence.
  • Periodic licence checks sample workstations, servers, cloud tools, and development environments.
  • Development contracts and support agreements define source-code and modification rights.
  • Open-source and third-party libraries are reviewed for licence obligations before use.
  • AI-generated content is reviewed for ownership, input rights, provider terms, confidentiality, and external-use approval.

Evidence requested

  • Procedure or register reviewed.
  • Responsible owner interviewed.
  • Sample records selected.
  • Evidence location recorded.
  • Gaps converted into findings or corrective actions.
  • Iso27001
  • ISO27002
  • Template
  • Audit
  • A5 32

Note Metadata

Aliases: A.5.32 Checklist

Source: 90 Templates/A.5.32 Audit Checklist.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.