Physical Security Audit 2498
-
I have provided documentation on physical security, and issues that need to be addressed when using physical security as a mitigating control to minimize the threat of system security breaches. Just wondering, from an audit perspective, if there is any type of checklist that can be used as a template example of what an auditor might be looking for as far as physical security control attributes.
Thanks for any help.
JL
-
You can get a few sample checklists here:
http-and-#58;//www.auditnet.org/freeap.htm
You’ll need to register, but there is free content.
-
Below are a few other quick items found that might help:
COBIT 4 - May have some physical security considerations noted
http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=2470
SAS-70 has quite a bit of physical security concerns, along with other links
http-and-#58;//www.google.com/search?hl=en-and-q=sas 70 audit templates
http-and-#58;//www.google.com/search?hl=en-and-q=physical security audit templates
http-and-#58;//www.sans.org/resources/policies/