When to use this
Use this checklist during an internal audit of malware protection deployment, update status, scanning, infection response, and user awareness.
Related controls
- A.8.7 Protection Against Malware
- A.8.7 Audit Evidence Pack
- Malware Protection Standard
- Malware Protection Coverage and Update Register
- Malware Infection Response Record
- Malware Awareness Checklist
Audit checklist
- Review malware protection standard.
- Review coverage and update register.
- Sample endpoints, servers, mobile devices, and cloud workloads where relevant.
- Check update/signature/engine status.
- Check real-time or scheduled scan settings.
- Review email, web, file, download, or removable media controls.
- Review malware alerts and quarantine logs.
- Sample infection response records.
- Verify cleaning/rebuild verification evidence.
- Review malware awareness training records.
- Interview users about suspicious links, downloads, fake prompts, and reporting.
Findings table
| System/process | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Template
- Audit
- Iso27001
- A8 7
Note Metadata
Aliases: A.8.7 Malware Protection Audit Checklist
Source: 90 Templates/A.8.7 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- A.8.7 Audit Evidence Pack
- Audit Evidence MOC
- ISO 27001 A.8.7 - Protection Against Malware
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Audit Risk Mapping
- Malware Awareness Checklist
- Malware Infection Response Record
- Malware Protection Coverage and Update Register
- Malware Protection Standard
- Audit Evidence Index
- Templates MOC