When to use this
Use this checklist when designing or reviewing user awareness content for malware prevention and reporting.
Related controls
- A.8.7 Protection Against Malware
- A.6.3 Information Security Awareness Education and Training
- A.6.8 Information Security Event Reporting
Awareness checklist
- Suspicious links and attachments covered.
- Fake antivirus, fake update, and fake login prompts covered.
- Risky downloads and unofficial software covered.
- Unsafe websites and browser warnings covered.
- Unexpected password requests covered.
- Reporting channel explained.
- Examples are realistic for the organization.
- Training completion is recorded.
- Effectiveness is checked through quiz, interview, or simulation.
Review table
| Topic | Covered? | Evidence | Gap/action |
|---|---|---|---|
| Links and attachments | Yes/No | TBD | TBD |
| Fake prompts | Yes/No | TBD | TBD |
| Downloads/software | Yes/No | TBD | TBD |
| Reporting | Yes/No | TBD | TBD |
- Template
- Iso27001
- Technological controls
- Awareness
- Malware protection
Note Metadata
Aliases: Malware User Awareness Checklist
Source: 90 Templates/Malware Awareness Checklist.md
Related Notes
- ISO 27001 A.6.3 - Information Security Awareness, Education and Training
- ISO 27001 A.6.8 - Information Security Event Reporting
- A.8.7 Audit Evidence Pack
- ISO 27001 A.8.7 - Protection Against Malware
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.7 Audit Checklist
- Templates MOC