NETWORK SECURITY AUDIT
Created by ChecklistGuro (https://checklistguro.com)

--- EXECUTIVE SUMMARY & SCOPE ---
[ ] Audit Objective Statement
[ ] Scope Description (Networks, Systems, Data)
[ ] Number of Locations Included in Audit
[ ] Audit Start Date
[ ] Audit End Date (Estimated)
[ ] Logistics Business Areas Included (Warehousing, Transportation (Trucking), Freight Forwarding, Supply Chain Management, Customs Clearance)
[ ] Systems within Scope (Select all that apply) (TMS (Transportation Management System), WMS (Warehouse Management System), GPS Tracking Systems, ERP System, Custom APIs)
[ ] Primary Contact for Audit
[ ] Brief Overview of Observed Risks (Initial Assessment)

--- NETWORK INFRASTRUCTURE ASSESSMENT ---
[ ] Number of Firewalls in Use
[ ] Firewall Vendor (Cisco, Palo Alto Networks, Fortinet, Check Point, Other)
[ ] Summary of Firewall Rule Set Review
[ ] Current Router Firmware Version (Specify for key routers)
[ ] Number of VLANs in Use
[ ] VLAN Security Segmentation Implemented (Select all that apply) (PCI DSS Compliance, Guest Network Isolation, Departmental Isolation, Logistics Data Isolation, None)
[ ] Last Router Firmware Update Date (Specify for key routers)

--- WIRELESS NETWORK SECURITY ---
[ ] Number of Wireless Access Points (WAPs)
[ ] Wireless Encryption Protocol in Use (WEP, WPA, WPA2, WPA3, TKIP, AES)
[ ] Wireless Network Security Protocols Enabled (MAC Address Filtering, RADIUS Authentication, 802.1X Authentication, Captive Portal, Guest Network Isolation)
[ ] Wireless Network Authentication Method (Open, Shared Key, RADIUS)
[ ] Description of Wireless Network Segmentation (e.g., guest, employee, vehicle)
[ ] Wireless Network Configuration Files (e.g., WAPs, Controller)
[ ] Last Wireless Network Security Assessment Date
[ ] SSID(s) in Use

--- ENDPOINT SECURITY ---
[ ] Number of Company-Issued Laptops
[ ] Number of Mobile Devices (Company Managed)
[ ] Endpoint Protection Software in Use (Microsoft Defender for Endpoint, CrowdStrike Falcon, Symantec Endpoint Protection, Other (Specify in LONG_TEXT))
[ ] Specify 'Other' Endpoint Protection Software (if selected above)
[ ] Security Features Enabled on Endpoints (Select All That Apply) (Antivirus, Firewall, Data Loss Prevention (DLP), Disk Encryption, Host-Based Intrusion Prevention System (HIPS), Application Whitelisting)
[ ] Endpoint Patch Management Process (Automated and Centralized, Manual and Decentralized, Combination of both)
[ ] Last Patch Management Cycle Completion Date
[ ] Describe the process for onboarding new endpoints to the network

--- DATA SECURITY & PRIVACY ---
[ ] Data Encryption at Rest Compliance (Fully Compliant, Partially Compliant, Not Compliant)
[ ] Data Encryption in Transit Compliance (Fully Compliant, Partially Compliant, Not Compliant)
[ ] Describe the data classification scheme in use (e.g., Public, Confidential, Restricted).
[ ] Approximate number of customer records processed annually.
[ ] Which data privacy regulations apply to the organization? (Select all that apply) (GDPR, CCPA, HIPAA, Other (Specify in LONG_TEXT))
[ ] Describe data retention policies and procedures. How long is data stored?
[ ] Upload a copy of the data privacy policy (if available).
[ ] Date of last data privacy impact assessment (DPIA).

--- ACCESS CONTROL & IDENTITY MANAGEMENT ---
[ ] Multi-Factor Authentication (MFA) Implementation (Fully Implemented for All Users, Partially Implemented (Specific Roles), Not Implemented)
[ ] Password Complexity Policy Enforcement (Strict Policy Enforced (Length, Complexity, Rotation), Moderate Policy Enforced, Weak or No Policy)
[ ] Account Lockout Threshold (Failed Login Attempts)
[ ] Privilege Access Management (PAM) Practices (Least Privilege Principle Applied, Regular Privilege Access Reviews Performed, Just-in-Time (JIT) Privilege Elevation, Centralized PAM Solution in Place)
[ ] Last User Access Review Date
[ ] Description of User Onboarding/Offboarding Procedures
[ ] Centralized Identity Provider (IdP) Usage (Using Centralized IdP (e.g., Azure AD, Okta), Using Local User Accounts, Hybrid Approach)

--- INCIDENT RESPONSE & BUSINESS CONTINUITY ---
[ ] Estimated Recovery Time Objective (RTO) in Hours
[ ] Estimated Recovery Point Objective (RPO) in Hours
[ ] Describe the current Incident Response Plan (IRP)
[ ] Which departments are involved in the incident response process? (IT, Legal, Operations, Public Relations, Executive Management)
[ ] Last Incident Response Plan Review Date
[ ] Summarize recent simulated incident response exercises (drills) and findings.
[ ] Communication methods used during an incident (choose one) (Email, Phone Calls, SMS, Dedicated Incident Communication Platform)
[ ] Upload a copy of the Business Continuity Plan (BCP)

--- VENDOR RISK MANAGEMENT ---
[ ] Vendor Security Questionnaires Completed? (Yes, No, In Progress)
[ ] Number of Vendors Audited Annually
[ ] Summary of Vendor Risk Assessment Methodology
[ ] Security Controls Verified in Vendor Agreements (Select all that apply) (Data Encryption at Rest, Data Encryption in Transit, Multi-Factor Authentication, Regular Security Audits, Incident Response Plan, Business Continuity Plan, Data Breach Notification Procedures)
[ ] Date of Last Vendor Security Audit
[ ] Vendor Security Audit Reports Reviewed? (Yes, No, N/A)
[ ] Description of Vendor's Data Retention Policies

--- PHYSICAL SECURITY & NETWORK ACCESS POINTS ---
[ ] Are network rooms/server rooms physically secured? (Yes, with access control system, Yes, with locks and monitoring, No, lacking physical security, Unsure)
[ ] What type of access control is implemented? (Biometrics (fingerprint, retinal scan), Keycard/Proximity Card, Combination Lock, None, Manual Logbook)
[ ] Number of network access points (routers, switches, firewalls) exposed without physical barriers?
[ ] Describe visitor access procedures to network areas.
[ ] Are cabling closets locked? (Yes, No, Partially (some closets locked), Not applicable)
[ ] Upload a diagram of network room layout.
[ ] Is there video surveillance of network areas? (Yes, and recordings are retained, Yes, but recordings are not retained, No, Unsure)
[ ] Location of primary network infrastructure (e.g., server room, main router)

--- LOG MANAGEMENT & MONITORING ---
[ ] Number of Security Logs Generated Daily
[ ] Centralized Logging System in Use? (Yes, No, Partial)
[ ] Description of Log Retention Policy (duration, storage location, disposal method)
[ ] Which Log Sources are Currently Monitored? (Firewalls, Routers, Servers, Endpoint Devices, Intrusion Detection/Prevention Systems, Applications, Cloud Services)
[ ] Are Logs Encrypted at Rest? (Yes, No, Partial)
[ ] Time Required to Review Logs for Anomalies
[ ] Describe the process for responding to log-generated alerts.
[ ] Are Log Alerts Integrated with an Incident Response System? (Yes, No)

--- END OF TEMPLATE ---