User Tools

Site Tools

You are here: start » corpgov » auditsum

Sidebar

Org. Governance

Home

Governance

Organizational Authority

Risk Management Framework

Audit Docs & Tasks

HR Personnel Policies

3.9 HR Policies

Functional/Technical Policies

(Satisfies SOC IS-1 Requirements)

3.1 Access Control

3.2 Awareness & Training Policies

3.3 Audit & Accountability

3.4 Configuration Management

3.5 Identification and Authentication

3.6 Incident Response

3.7 Maintenance

3.8 Media Protection

3.9 HR Policies

3.10 Physical Protection

3.11 Risk Assessment

3.12 Security Assessment

3.13 Systems & Communications Protection

3.14 Systems & Information Integrity

Internal Processes

Breach Notification

Contingency Planning - Internal - CP

Change Management - CM

SaaS App Management

Executive Compliance Directives

DOD Impact Levels

Definitions & References

IT Policy Artifacts

corpgov:auditsum

Table of Contents

Audit Docs and Tasks

Control Satisfaction Matrix

StandardCategoryControls Satisfied800-53r4 ControlsISO/SEC 27001Audit Controls
DLZP InternalGovernanceN/AN/AN/A

Major Document History

Date Comment Who
8/27/2019 Initial Doc Tharp
8/29/2019 Copied Content For IS-1 SOC submission Tharp

Recurring Task Summary

Reference IDTaskLocationDescription
IS-47Yes/M5-T27A-lign TasksMost recent VPN access review of users and user access rights by management
IS-47Yes/M5-T28A-lign TasksNext Quarter Review Task of T27
IS-3; IS-6Yes/M5-T29A-lign Tasks“Listing of all personnel hired between July 1; 2019 and September 13; 2019; Listing of all personnel terminated between July 1;2019 and September 13; 2019”
DLZP WikiYes/M5-T30SaaS Rep&TasksCol: App Admin Rpt/Task; App User Rpt/Task; Log Review RPT/Task; Code Changes/Task
DLZP WikiYes/M5-T31SaaS Rep&TasksNext Quarter Review Task of T30
COA-2Yes/M5-T32A-lign TasksListing of incidents from July 1; 2019 and September 13; 2019
COA-2Yes/M5-T33A-lign TasksNext Quarter Review Task of T32
CC-2Yes/M5-T34A-lign TasksListing of all application code changes between July 1; 2019 and September 13; 2019
CC-4Yes/M5-T35A-lign TasksListing of all infrastructure changes between July 1; 2019 and September 13; 2019
AWS - AllYes/M5-T36SaaS Rep&TasksCol: App Admin Rpt/Task; App User Rpt/Task; Log Review RPT/Task
DB; Email; TrendMicro; CRM; ProjectYes/M5-T37SaaS Rep&TasksCol: App Admin Rpt/Task; App User Rpt/Task; Log Review RPT/Task + Antivirus Settings RPT/Task
Google Apps; Yes/M5-T38SaaS Rep&TasksCol: App Admin Rpt/Task; App User Rpt/Task; Log Review RPT/Task
DLZP InternalYes/M5-T39Zoho Project OnlyReview changes to NIST 800-171; NIST 800-53rev4; FIPS 199
DocumentationYes/M5-T40DokuWikiUpdate Breach Notification
IS-3; IS-6Yes/M5-T41A-lign TasksNext Quarter Review Task of T29
COA-8Yes/M5-T42A-lign TasksDisaster recovery plan test results (WIKI)
COA-8Yes/M5-T44A-lign TasksNext Quarter Review Task of T42
/opt/bitnami/dokuwiki/data/pages/corpgov/auditsum.txt · Last modified: 2020/01/22 23:57 by brian.tharp

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki