When to use this
Use this checklist during an internal audit of network service security mechanisms, service levels, service requirements, provider controls, and monitoring.
Related controls
- A.8.21 Security of Network Services
- A.8.21 Audit Evidence Pack
- Network Service Security Requirements Register
- Network Service Provider Review Checklist
- Network Service SLA and Security Feature Review
Audit checklist
- Review network service inventory.
- Trace service requirements to risk assessment.
- Review provider security features.
- Review service levels and resilience/failover commitments.
- Check agreement or SLA includes required controls.
- Review provider reports and service reviews.
- Check compensating controls for provider limitations.
- Check operational procedures include required service features.
Findings table
| Network service | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Template
- Audit
- Iso27001
- A8 21
Note Metadata
Aliases: A.8.21 Network Services Audit Checklist
Source: 90 Templates/A.8.21 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- A.8.21 Audit Evidence Pack
- Audit Evidence MOC
- ISO 27001 A.8.21 - Security of Network Services
- A.8 Technological Controls MOC
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- Network Service Provider Review Checklist
- Network Service Security Requirements Register
- Network Service SLA and Security Feature Review
- Audit Evidence Index
- Templates MOC