UnixTime

Research Note

A.5.5 Audit Checklist

Use this during internal audits to test whether relevant authority contacts are identified, maintained, authorized, and usable.

On this page

When to use this

Practical use

Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.

Use this during internal audits to test whether relevant authority contacts are identified, maintained, authorized, and usable.

Checklist

  • Relevant authorities are identified from legal, regulatory, contractual, operational, and incident-response requirements.
  • Authority contact register exists.
  • Each contact has a defined purpose.
  • Contact triggers are documented.
  • Primary and backup liaisons are assigned.
  • Communication approval requirements are defined.
  • Disclosure rules prevent unauthorized sharing of sensitive information.
  • Contact details are reviewed and updated periodically.
  • Incident response or continuity plans reference authority contact steps.
  • Contact paths are tested where practical.
  • Records exist for actual authority communications, if any.
  • Interviewed personnel know how authority contact is initiated.
  • Iso27001
  • ISO27002
  • Template
  • Audit
  • A5 5

Note Metadata

Aliases: A.5.5 Checklist

Source: 90 Templates/A.5.5 Audit Checklist.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.