IT Audit L

<Company Name>
<Company Address>
 IT Audit Log

Document Summary
Document Reference ID <Company Short Name>-DC-003
Version Number 1.0
Document Type IT Audit Log
Author Gobinda Patra
Reviewed By Shankar D
Approved By Shankar D
Release Date 3/1/2021

Revision History
Version Date Author Significant Changes Source
1.0 3/1/2021 Gobinda Final Version NA

No part of this documentation may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying or recording, for any purpose without express
written permission of the HR Head of <Company Name>.
© 2021, <Company Name>. All Rights Reserved
Doc Ref.ID :<Company Short Name>-DC-003 Version No : 1.0
For Internal Use only
 Audit Check List
Sr.No Items Descriptions

1 Server
a) Unused AD ID (temp and junk AD ID) deleted
b) Only authorized User ID should have domain admin rights
c) Password policies (such as not sharing, lengths, forced renewal, ageing)

d) Server Room neat and clean with proper temprature maintance

f) Update with latest OS patches and anti-virus
g) Analysing log files and event viewer
h) Server time Sync with NTS
2 Anti-Virus
a) ePO Server is up to date with latest DAT
b) All systems connected with ePO server
c) All the systems are compliance with the Anti-viruses policy
c) All the systems are compliance with the Anti-viruses policy
3 Link (Network)
a) Multi-Vendor Network
b) Config file backup(Firewall backup weekly)
c) Only approved URL allowed(As per business requirement)
4 WSUS
a) Monthly Updates from Microsoft Server(Once in a month)
b) Monthly updates pushing to client systems every once in a month
5 Client Systems(Laptops and Desktops)
a) only approved application is installed (As per process requirement)
b) Update latest Anti-virus and windows patches
c) only approved Users should have admin access and full internet access
6 NT ID and Email ID
a) New joinee NT and Email ID Need to create within 2 working days
b) Terminated employees NT and Email ID need to delete within a 2 hours
c) Absconded emaployees access need to remove within a 4 hours
7 Reports
a) Weekly Reports for Assets Register ,Stock Register, Spare Parts Register etc.
b) Weekly Reports for ePO and WSUS server
c) AD Backup Report
d) Incident Reports
 Status (Yes /No) Remarks

Register etc.
 Internal Audit Checklist - Network Management
Audit Cycle
Date Of Audit

Duration
Auditor(s)
Auditee(S)
Sl. No. Checkpoint Status (Y/N/NA)
Network related
1 Network process
2 Network Security Policy
3 Clearly defined Roles and Responsibilities
4 Capacity planning
5 Requirement study
6 Requirement analysis and feasibility
7 Network diagrams
8 Infrastructure setup [link, router configuration, switch
9 Infrastructure
configuration, Setup
etc.] validation reports
10 Escalation management
11 Network monitoring:
12 Vendor evaluation reports
13 Backup of Network Management records
14 Vendor Contracts
15 Vendor visit schedule
16 Best practices in network monitoring
17 Lessons learnt [snags]
18 Training needs identified and
19 Customer complaints and resolution
20 Closure of previous audit findings
ment

Remarks