When to use this
Use this checklist during an internal audit of remote working controls.
Related controls
- A.6.7 Remote Working
- A.6.7 Audit Evidence Pack
- Remote Working Authorization Register
- Remote Working Security Checklist
- Remote Working Risk Assessment
Audit checklist
- Confirm remote working policy and procedures exist.
- Confirm authorized remote workers, locations, activities, data, and controls are recorded.
- Check remote working risk assessment.
- Sample remote workers and verify control authorization.
- Check remote equipment appears in the asset register where applicable.
- Verify secure connection and MFA controls.
- Verify endpoint protection, patching, encryption, and screen-lock controls.
- Check public-location, printing, physical security, and non-work use rules.
- Interview remote workers about allowed data, locations, and handling rules.
- Check periodic review of remote working permissions and controls.
Findings table
| Sample | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Iso27001
- ISO27002
- Template
- Audit
- A6 7
Note Metadata
Aliases: A.6.7 Remote Working Audit Checklist
Source: 90 Templates/A.6.7 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- ISO 27001 A.6.7 - Remote Working
- A.6 People Controls MOC
- A.6.7 Audit Evidence Pack
- Audit Evidence MOC
- AQ-ISO27001-A.6.7 Remote Working
- A.6 People Controls Audit Guide
- A.6 People Controls Implementation Audit Risk Mapping
- Remote Working Authorization Register
- Remote Working Risk Assessment
- Remote Working Security Checklist
- Audit Evidence Index
- Templates MOC