IT Security Audit Plan Template
The audit team leader should prepare for onsite audit activity by preparing the IT Security Audit Plan Template and assigning tasks to members of the audit team. ITSD107-3 IT SECURITY AUDIT PLAN should cover audit objectives, audit criteria, audit scope, estimated duration, and more. Audit team members should prepare work documents, such as audit checklists, sampling plans, and forms for recording information (minutes of meetings, supporting evidence, audit findings, etc.).
The audit team should conduct the onsite audit, which should consist of:
- The audit team leader conducting an opening meeting with Information Technology Managers and the Information Technology Security Manager to confirm the audit plan (including roles and responsibilities of all parties), explain how audit activities will occur, confirm lines of communication during the audit, and provide the Auditee with an opportunity for feedback.
- Communication during the audit.
The audit team leader should conduct a closing meeting in order to formally present the audit team’s findings and conclusions, to verify the understanding and obtain the acknowledgement of the Information Technology Security Manager, and if nonconformities are found, to agree on a timeframe for the Information Technology Security Manager to present a corrective and preventive action plan.
IT Security Audit Plan Template Details
Format: Microsoft Word 2013 (.docx)
Manual: IT Policies and Procedures Templates
Category: IT Security & Disaster Recovery
Procedure: IT Security Audits Procedure ITSD107