When to use this
Use this checklist during an internal audit of network zones, inter-zone controls, wireless segregation, segmentation tests, and exceptions.
Related controls
- A.8.22 Segregation of Networks
- A.8.22 Audit Evidence Pack
- Network Zone and Connection Matrix
- Network Segmentation Test Checklist
- Wireless Network Security Assessment
Audit checklist
- Enumerate network zones.
- Verify zone purpose and risk basis.
- Review systems and services assigned to zones.
- Review inter-zone connection rules.
- Check firewall/routing/security group enforcement.
- Review segmentation test evidence.
- Review wireless network risk assessment.
- Check performance or operational exceptions.
- Check cloud and virtual network segregation.
Findings table
| Zone/control | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Template
- Audit
- Iso27001
- A8 22
Note Metadata
Aliases: A.8.22 Network Segregation Audit Checklist
Source: 90 Templates/A.8.22 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- A.8.22 Audit Evidence Pack
- Audit Evidence MOC
- ISO 27001 A.8.22 - Segregation of Networks
- A.8 Technological Controls MOC
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- Network Segmentation Test Checklist
- Network Zone and Connection Matrix
- Wireless Network Security Assessment
- Audit Evidence Index
- Templates MOC