Security Policy Review Audit Work Program

Subscriber Content
Screenshot of the first page of Security Policy Review Work Program
Assessing Security Policies: A Sample Audit Work Program

The purpose of this sample audit work program is to determine whether the right security policies exist. For those policies that do exist, the objective is to determine whether they cover the necessary issues and are disseminated to the right people.

Project work steps covered in this document include: pre-engagement preparation, internet access and security, data confidentiality, email, voicemail, personal computer controls, local area network (LAN), electronic data, social engineering, and miscellaneous procedures. This document can be used as a general guide to understand and review processes when performing an assessment of security policies.


Topics
Data Security
Identity and Access Management
IT Security
Privacy
Physical Security
Audit Testing

Related Resources

Risk & Control Matrices - RCMs

Manage Security and Privacy RCM

Audit Reports

ISO 27001 Information Security Assessment Report

Audit Programs

Security Audit Work Program

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It