UnixTime

Research Note

A.7.6 Audit Checklist

Use this checklist during an internal audit of work performed inside secure areas.

On this page

When to use this

Use this checklist during an internal audit of work performed inside secure areas.

Audit checklist

  • Confirm sensitive work and secure areas are identified.
  • Confirm entry controls allow only authorized personnel.
  • Check need-to-know restrictions.
  • Check controls for paper, media, equipment, and information movement.
  • Check restrictions on phones, cameras, and recording devices.
  • Confirm supervision requirements are defined and followed.
  • Confirm dual control is applied where risk requires it.
  • Confirm contractors and third parties follow the same procedure.
  • Interview personnel and compare answers to the procedure.

Findings table

Secure area/work Expected evidence Observed evidence Gap Finding type Action owner
TBD TBD TBD TBD NC / observation / conforming TBD
  • Iso27001
  • ISO27002
  • Template
  • Audit
  • A7 6

Note Metadata

Aliases: A.7.6 Secure Areas Audit Checklist

Source: 90 Templates/A.7.6 Audit Checklist.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.