UnixTime

Research Note

A.8.33 Audit Checklist

Use this checklist when auditing selection, protection, management, and deletion of test information.

On this page

When to use this

Use this checklist when auditing selection, protection, management, and deletion of test information.

Audit checklist

  • Test data selection rules exist.
  • Synthetic or masked data is preferred.
  • Live data use is authorized per occasion.
  • Sensitive test data is protected.
  • Test environment access is controlled.
  • Logs, debug files, caches, screenshots, exports, and reports are controlled.
  • Privacy/legal requirements are assessed.
  • Test data is securely deleted after use.
  • Retesting/reproducibility requirements are addressed.

Sampling record

Test data/use sampled Evidence reviewed Result Gap/action
TBD TBD TBD TBD
  • Template
  • Audit
  • Iso27001
  • A8 33

Note Metadata

Aliases: Test Information Audit Checklist

Source: 90 Templates/A.8.33 Audit Checklist.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.