When to use this
Use this checklist during an internal audit of confidentiality and non-disclosure agreement controls.
Related controls
- A.6.6 Confidentiality or Non-Disclosure Agreements
- A.6.6 Audit Evidence Pack
- Confidentiality Agreement Register
- Confidentiality Agreement Review Checklist
Audit checklist
- Confirm confidentiality/NDA requirements are identified and documented.
- Confirm agreement templates or clauses exist.
- Check whether agreement content reflects business, legal, contractual, and security needs.
- Sample employees, contractors, suppliers, partners, or visitors where relevant.
- Verify agreements were signed and dated before confidential access or exchange.
- Check legal review or approval where appropriate.
- Check regular review and update procedure.
- Check register completeness and evidence locations.
- Check exceptions and risk treatment where agreements are missing.
- Record nonconformities, observations, and improvement actions.
Findings table
| Sample | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Iso27001
- ISO27002
- Template
- Audit
- A6 6
Note Metadata
Aliases: A.6.6 Confidentiality NDA Audit Checklist
Source: 90 Templates/A.6.6 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- ISO 27001 A.6.6 - Confidentiality or Non-Disclosure Agreements
- A.6 People Controls MOC
- A.6.6 Audit Evidence Pack
- Audit Evidence MOC
- AQ-ISO27001-A.6.6 Confidentiality or Non-Disclosure Agreements
- A.6 People Controls Audit Guide
- A.6 People Controls Implementation Audit Risk Mapping
- Confidentiality Agreement Register
- Confidentiality Agreement Review Checklist
- Audit Evidence Index
- Templates MOC