UnixTime

Research Note

A.8.13 Audit Checklist

Use this checklist during an internal audit of backup scope, schedule, protection, job monitoring, restore testing, archive recoverability, and corrective action.

On this page

When to use this

Use this checklist during an internal audit of backup scope, schedule, protection, job monitoring, restore testing, archive recoverability, and corrective action.

Audit checklist

  • Review backup policy and schedule.
  • Review backup scope and coverage register.
  • Sample backup job success/failure logs.
  • Review corrective action for failed backups.
  • Review backup protection such as encryption and access control.
  • Review off-site, immutable, offline, or separated storage where relevant.
  • Sample restore test records.
  • Review long-term archive recoverability.
  • Check backup media lifecycle and disposal.
  • Compare backup arrangements with continuity requirements.

Findings table

System/backup set Expected evidence Observed evidence Gap Finding type Action owner
TBD TBD TBD TBD NC / observation / conforming TBD
  • Template
  • Audit
  • Iso27001
  • A8 13

Note Metadata

Aliases: A.8.13 Backup Audit Checklist

Source: 90 Templates/A.8.13 Audit Checklist.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.