Scheduled Security and Audit Procedures

John Whalen

- Review Access [quarterly]
- Review Security Logs [weekly]
- Review Cyber Risk Assessment (enumerate possible compromise scenarios) [quarterly]
- Review Data Classification [quarterly]
- Backup Testing [quarterly]
- Disaster Recovery Testing [semi-annual]
- Review Devices & Workstations [quarterly]
- Review & Clear Low-Priority Alerts [weekly]
- Apply OS Patches [monthly]
- Verify Data Disposal per Retention Policy [quarterly]
- Conduct Security Training [annual]
- Review Security Monitoring and Alerting Configuration [quarterly]
- Penetration Test [annual]
- Whitebox Security Review [annual]
- SOC2 Audit [annual]
Help make throughtful choices about what matters to the business and implementing systems and processess to proactively mitigate risk
Tip: Investing in this stage will help avoid knowable problems in the future, People are less forgiving if you dont deliver a better performance the second time adversity strikes💪
Like this project
0

Posted Jul 13, 2022

Provide real time audit logs to your organizational security team

Control Environment Narrative
Control Environment Narrative
Onboarding and Access Policy Template
Onboarding and Access Policy Template
Event-Driven Security
Event-Driven Security