UnixTime

Research Note

A.8.7 Audit Checklist

Use this checklist during an internal audit of malware protection deployment, update status, scanning, infection response, and user awareness.

On this page

When to use this

Use this checklist during an internal audit of malware protection deployment, update status, scanning, infection response, and user awareness.

Audit checklist

  • Review malware protection standard.
  • Review coverage and update register.
  • Sample endpoints, servers, mobile devices, and cloud workloads where relevant.
  • Check update/signature/engine status.
  • Check real-time or scheduled scan settings.
  • Review email, web, file, download, or removable media controls.
  • Review malware alerts and quarantine logs.
  • Sample infection response records.
  • Verify cleaning/rebuild verification evidence.
  • Review malware awareness training records.
  • Interview users about suspicious links, downloads, fake prompts, and reporting.

Findings table

System/process Expected evidence Observed evidence Gap Finding type Action owner
TBD TBD TBD TBD NC / observation / conforming TBD
  • Template
  • Audit
  • Iso27001
  • A8 7

Note Metadata

Aliases: A.8.7 Malware Protection Audit Checklist

Source: 90 Templates/A.8.7 Audit Checklist.md

Graph-sourced resources

Templates and evidence

Auditor evidence packs

Evidence collections and audit-facing verification material.