When to use this
Use this checklist when reviewing virtual networks, cloud networks, hypervisors, security groups, route tables, virtual firewalls, or management planes.
Related controls
Review checklist
- Virtual network topology documented.
- Hypervisor or cloud management plane access restricted.
- Security groups/firewall rules reviewed.
- Route tables reviewed.
- Management network separated where required.
- Backup/replication/DR paths reviewed.
- Logging and monitoring enabled.
- Bypass paths to protected zones identified.
- Changes are controlled.
- Exceptions are risk-assessed.
Review record
| Environment | Control area | Expected state | Observed state | Bypass risk? | Action owner | Due date |
|---|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | Yes/No | TBD | TBD |
- Template
- Iso27001
- Technological controls
- Network security
- Virtualization
Note Metadata
Aliases: Virtual Network Security Review
Source: 90 Templates/Virtual Network and Hypervisor Security Review.md
Related Notes
- A.8.20 Audit Evidence Pack
- ISO 27001 A.8.16 - Monitoring Activities
- ISO 27001 A.8.20 - Networks Security
- ISO 27001 A.8.9 - Configuration Management
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.20 Audit Checklist
- Templates MOC