UnixTime

Research Note

A.8.12 Audit Checklist

Use this checklist during an internal audit of DLP scope, data flows, DLP rules, alert handling, transfer approvals, and user awareness.

On this page

When to use this

Use this checklist during an internal audit of DLP scope, data flows, DLP rules, alert handling, transfer approvals, and user awareness.

Audit checklist

  • Review sensitive data inventory.
  • Review approved sensitive data flows.
  • Review DLP rule configuration.
  • Sample DLP alerts and closure evidence.
  • Review false-positive handling and tuning.
  • Review transfer approval records.
  • Check user awareness for approved transfer methods.
  • Review leakage incident escalation where applicable.

Findings table

System/channel Expected evidence Observed evidence Gap Finding type Action owner
TBD TBD TBD TBD NC / observation / conforming TBD