When to use this
Use this checklist during an internal audit of personnel screening controls.
Related controls
Audit checklist
- Confirm the organization has a documented screening procedure.
- Confirm screening applies to employees, contractors, temporary staff, and third-party users in ISMS scope.
- Confirm screening depth is risk-based and proportional.
- Sample personnel files and verify checks were completed before joining or sensitive access.
- Check whether candidate-provided documents were independently verified where permitted.
- Check whether employment gaps or irregularities were documented and followed up.
- Interview HR, recruitment staff, and hiring managers on responsibilities.
- Confirm screening evidence is protected as personal data.
- Check whether rescreening or updated checks occur for higher-risk role changes where justified.
- Record nonconformities, observations, and improvement actions.
Findings table
| Sample | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Iso27001
- ISO27002
- Template
- Audit
- A6 1
Note Metadata
Aliases: A.6.1 Screening Audit Checklist
Source: 90 Templates/A.6.1 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.