When to use this
Use this checklist during an internal audit of storage media acquisition, use, transport, storage, disposal, destruction, and damaged-media handling.
Related controls
- A.7.10 Storage Media
- A.7.10 Audit Evidence Pack
- Storage Media Handling Procedure
- Storage Media Movement Log
- Secure Media Disposal and Destruction Register
- Damaged Media Handling Decision Record
Audit checklist
- Confirm approved media rules exist.
- Confirm media handling aligns to classification.
- Review media inventory.
- Sample media movement authorization and logs.
- Check transport controls and courier records.
- Check encryption and key separation where used.
- Review secure erasure, reuse, disposal, and destruction records.
- Check disposal contractor assurance where used.
- Review damaged media repair/destruction decisions.
- Interview staff on media handling rules.
Findings table
| Media/use case | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Iso27001
- ISO27002
- Template
- Audit
- A7 10
Note Metadata
Aliases: A.7.10 Storage Media Audit Checklist
Source: 90 Templates/A.7.10 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- ISO 27001 A.7.10 - Storage Media
- A.7 Physical Controls MOC
- A.7.10 Audit Evidence Pack
- Audit Evidence MOC
- AQ-ISO27001-A.7.10 Storage Media
- A.7 Physical Controls Audit Guide
- A.7 Physical Controls Implementation Audit Risk Mapping
- Damaged Media Handling Decision Record
- Secure Media Disposal and Destruction Register
- Storage Media Handling Procedure
- Storage Media Movement Log
- Audit Evidence Index
- Templates MOC