Está en la página 1de 2

Access Security Checklist In Compliance?

Y N N/A

Date: ________ Property: _________________________ Auditor: ___________


Date/Time of Observation: ____________________________________________
Date/Time of Discussion: ______________________________________________
Name/Title Of Person: _______________________________________________

NOTE: All no answers require explanation. Per Discussion answers require documenting the position
of the person the question was discussed with and how the answer was substantiated.

1. Does security policy address specific capabilities of operating systems and require that the
available security features be implemented?
Remarks:

2. Is there a security officer appointed in writing?


Remarks:

3. Does the security officer ensure that available features have been implemented?
Remarks:

4. Is there a process in place for granting access levels?


Remarks:

5. Do users have only the minimum access level needed to do their job?
Remarks:

6. Are users' access restricted to specific applications, menus within applications, files, and
servers?
Remarks:

7. Is file maintenance a separate access privilege?


Remarks:

8. Is maintenance restricted to a minimum number of persons and is it properly approved and


reviewed?
Remarks:

9. Is the password file encrypted?


Remarks:

Page 1 of 2

Joseph Eve & Co. Audit Security Checklist Phone (406) 727-1798
Suite 414 Strain Building Fax (406) 727-7423
Great Falls, MT 59401 Access Security E -mail: JosephEve@josepheve.com
In Compliance?

Y N N/A

10. Are methods in place to detect security violations?


Remarks:

11. Can security restrictions be overridden?


Remarks:

12. Are access levels periodically reviewed by the internal auditor?


Remarks:

13. Can programmers access live files to test new programs?


Remarks:

14. Are procedures implemented to limit access to workstations after normal working hours?
Remarks:

15. Is modem access protected by a secure system, such as call back?


Remarks:

16. Are modem numbers changed periodically?


Remarks:

Page 2 of 2

Joseph Eve & Co. Audit Security Checklist Phone (406) 727-1798
Suite 414 Strain Building Fax (406) 727-7423
Great Falls, MT 59401 Access Security E -mail: JosephEve@josepheve.com