WAREHOUSE WMS SECURITY CHECKLIST
Created by ChecklistGuro (https://checklistguro.com)

--- USER ACCESS & AUTHENTICATION ---
[ ] Multi-Factor Authentication Enabled? (Yes, No, Partial (some users))
[ ] Password Complexity Requirements? (Strong (length, special characters), Medium, Weak/None)
[ ] Minimum Password Length (characters)
[ ] Last Password Policy Review Date
[ ] Privilege Escalation Controls? (Strict – Requires Approval, Limited – Self-service, None)
[ ] Describe User Access Review Process
[ ] Role-Based Access Control (RBAC) Implemented? (Yes, No, Partial)

--- DATA ENCRYPTION & PROTECTION ---
[ ] Encryption Method at Rest (AES-256, RSA, Other (Specify in Long Text))
[ ] Specify Encryption Method (if 'Other' selected)
[ ] Encryption Protocol for Data in Transit (TLS 1.3, TLS 1.2, SSL 3.0 (Not Recommended), Other (Specify in Long Text))
[ ] Specify Encryption Protocol (if 'Other' selected)
[ ] Key Length (in bits)
[ ] Key Management Method (Centralized Key Management System, Hardware Security Module (HSM), Software-Based Key Management, Other (Specify in Long Text))
[ ] Specify Key Management Method (if 'Other' selected)

--- SYSTEM PATCHING & UPDATES ---
[ ] Last System Patch Applied Date
[ ] WMS Software Version Number
[ ] Patching Method (Automated, Manual, Hybrid)
[ ] Next Scheduled Patching Date
[ ] Description of Patches Applied (Include Release Notes)
[ ] Patching Server Status (Active, Inactive, Maintenance)

--- NETWORK SECURITY ---
[ ] Firewall Type (Hardware, Software, Cloud-based)
[ ] Firewall Rule Count
[ ] Intrusion Detection/Prevention System (IDS/IPS) (Enabled, Disabled, N/A)
[ ] Network Segmentation Description
[ ] VPN Usage for Remote Access (Enabled, Disabled, N/A)
[ ] Last Network Vulnerability Scan Date

--- DATA BACKUP & RECOVERY ---
[ ] Last Successful Backup Timestamp (Epoch)
[ ] Last Full Backup Date
[ ] Next Scheduled Full Backup Date
[ ] Backup Storage Location (On-site, Off-site (Cloud), Hybrid)
[ ] Backup Retention Period (Days)
[ ] Description of Disaster Recovery Plan
[ ] Backup Type (Full, Differential, Incremental)
[ ] Recovery Time Objective (RTO) - Hours

--- PHYSICAL SECURITY ---
[ ] Server Room Location
[ ] Access Control Methods Implemented (Keycard Access, Biometric Scan, Security Guard, PIN Code)
[ ] Number of Security Cameras
[ ] Visitor Policy (Mandatory Sign-In, Escorted Visits Only, No Visitor Access)
[ ] Last Physical Security Audit Date
[ ] Details of Physical Security Measures (e.g., perimeter fencing, lighting)

--- AUDIT TRAILS & LOGGING ---
[ ] Number of Audit Log Files Rotated Per Month
[ ] Last Audit Log Review Date
[ ] Summary of Audit Log Review Findings
[ ] Audit Log Retention Policy Compliance (Compliant, Non-Compliant, N/A)
[ ] Logged Events (Select all that apply) (User Logins, Data Modifications, System Configuration Changes, Report Generation, Inventory Adjustments)
[ ] Frequency of Real-Time Log Monitoring

--- VENDOR SECURITY ASSESSMENT ---
[ ] Vendor Security Policy Summary
[ ] Vendor Security Certification(s) (ISO 27001, SOC 2, PCI DSS, Other (Specify))
[ ] Vendor Security Assessment Report
[ ] Date of Last Vendor Security Assessment
[ ] Vendor Vulnerability Management Process (Formal Program, Informal Process, No Defined Process)

--- INCIDENT RESPONSE PLAN ---
[ ] Summary of Incident Response Plan
[ ] Incident Severity Levels Defined? (Yes, No, Not Applicable)
[ ] Estimated Time to Contain Incident (Hours)
[ ] Date of Last Incident Response Plan Review
[ ] Communication Channels Used During Incident? (Email, Phone, Instant Messaging, Dedicated Incident Management Platform)
[ ] Roles & Responsibilities Clearly Defined? (Yes, No, Partially Defined)

--- COMPLIANCE & REGULATIONS ---
[ ] Relevant Compliance Standards? (GDPR, PCI DSS, CCPA, ISO 27001, Other)
[ ] Specific Compliance Requirements?
[ ] Last Compliance Audit Date
[ ] Data Sensitivity Level (1-5)
[ ] Applicable Data Privacy Principles (Data Minimization, Purpose Limitation, Storage Limitation, Accuracy, Integrity and Confidentiality)
[ ] Regulatory Contact Name

--- END OF TEMPLATE ---