When to use this
Use this record when approving or validating tools used for audit testing, scanning, extraction, or assurance activities on operational systems.
Related controls
- A.8.34 Protection of Information Systems During Audit Testing
- A.8.8 Management of Technical Vulnerabilities
Tool record
| Field | Value |
|---|---|
| Tool name/version | TBD |
| Purpose | TBD |
| Systems where used | TBD |
| Risk of use | TBD |
| Validation performed | TBD |
| Configuration/rate limits | TBD |
| Required permissions | TBD |
| Logging method | TBD |
| Approved by | TBD |
| Approval date | TBD |
Checks
- Tool source and version are known.
- Operational impact is assessed.
- Required permissions are limited.
- Use is logged.
- Results are protected.
- Template
- Iso27001
- Audit testing
- Tooling
Note Metadata
Aliases: Audit Tool Approval Record
Source: 90 Templates/Audit Tool Validation Record.md
Related Notes
- A.8.34 Audit Evidence Pack
- ISO 27001 A.8.34 - Protection of Information Systems During Audit Testing
- ISO 27001 A.8.8 - Management of Technical Vulnerabilities
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- Templates MOC