Cyber Security Assurance audit questionnaire:-

Please provide the following IT Policy and procedure Version number and last update with Policy
Clause

 Acceptable use policy

 E-mail and communications activities

 Antivirus policy

 Identity Management policy

 Password policy

 Encryption policy

 Remote access policy

 Content Security

 Intrusion Prevention Methodology

 Compliance Validation methodology

 Secure Development Process- Vendor

 Risk Assessment Register

 Backup Policy

 Incident Form
17/05/2018

Page 1 of 3
 IT Audit Checklist

SL Audit Question Answer with Attached Evidence Remark with

No. screen shot Screenshot

1 Domain name of company’s registered

website

2 Hosting

3 Production Server Location

4 DR/Secondary Site

5 Server Operating System

6 Data Encryption

7 Database Name
Database verision

Database Last update

8 Encryption method use (name of

algorithm that used for data
encryption)

9 SSL Certificate Detail

10 Firewall Name & Version

11 IDS & IPS

12 WAF

13 Incident management

14 Support

15 Email ID

16 Contact Number

17 Antivirus Name

18 Network Switch Name

Page 2 of 3
19 Backup

20 Daily Backup Time

21 Full Back up (Daily, Weekly)

22 Primary Backup Location

23 Secondary Backup Location

24 Backup taken on Cloud/Tape/ External

HDD

25 Application Monitoring Tool Name

26 Network Monitoring Tool Name

27 Any Cyber Crises Plan

28 Data Leakage Prevention

29 ISO 27001:2013

30 Physical Access Control

31 Camera

32 Biometric Access

33 Audit Log Enable

34 Logs Backup

35 Email Service (Gmail, In-house/Linus)

36 Domain hosted

Page 3 of 3