When to use this
Use this checklist to define the security conditions that must be met before a system is accepted for operational use.
Related controls
- A.8.29 Security Testing in Development and Acceptance
- A.8.26 Application Security Requirements
- A.8.19 Installation of Software on Operational Systems
Criteria checklist
- Security requirements tested.
- Access controls tested.
- Defective input and error handling tested.
- Regression tests completed.
- Security controls tested.
- Vulnerabilities remediated or risk-accepted.
- Logging and monitoring verified.
- User/security training completed where needed.
- Operations readiness confirmed.
- Final acceptance authority defined.
- Template
- Iso27001
- Technological controls
- Security testing
Note Metadata
Aliases: Security Acceptance Checklist
Source: 90 Templates/Security Acceptance Criteria Checklist.md
Related Notes
- A.8.29 Audit Evidence Pack
- ISO 27001 A.8.19 - Installation of Software on Operational Systems
- ISO 27001 A.8.26 - Application Security Requirements
- ISO 27001 A.8.29 - Security Testing in Development and Acceptance
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.29 Audit Checklist
- Security Acceptance Sign-Off Record
- Templates MOC