Scheduled Security and Audit Procedures by John WhalenScheduled Security and Audit Procedures by John Whalen

Scheduled Security and Audit Procedures

John Whalen

CTO

Educator

Security Engineer

GitHub

Slack

- Review Access [quarterly]

- Review Security Logs [weekly]

- Review Cyber Risk Assessment (enumerate possible compromise scenarios) [quarterly]

- Review Data Classification [quarterly]

- Backup Testing [quarterly]

- Disaster Recovery Testing [semi-annual]

- Review Devices & Workstations [quarterly]

- Review & Clear Low-Priority Alerts [weekly]

- Apply OS Patches [monthly]

- Verify Data Disposal per Retention Policy [quarterly]

- Conduct Security Training [annual]

- Review Security Monitoring and Alerting Configuration [quarterly]

- Penetration Test [annual]

- Whitebox Security Review [annual]

- SOC2 Audit [annual]

Help make throughtful choices about what matters to the business and implementing systems and processess to proactively mitigate risk

Tip: Investing in this stage will help avoid knowable problems in the future, People are less forgiving if you don’t deliver a better performance the second time adversity strikes💪

Like this project

Posted Jul 13, 2022

Provide real time audit logs to your organizational security team

Likes

Views

Tags

CTO

Educator

Security Engineer

GitHub

Slack

Featured on

Best freelance Security Engineers to hire in 2026 Best GitHub freelancers to hire in United States 2026 Best freelance Educators in United States to hire in 2026

John Whalen

Organizational security policies and procedures

Control Environment Narrative

Onboarding and Access Policy Template

Event-Driven Security