The subject knowledge required to perform a successful security audit or internal audit review can be substantial. This can require significant research effort and expense.

The Security Audit Shop is intended to address this issue. It provides a range of affordable pre-packaged security checklists and audit plans for you to download and use.

The documentation is provided largely in MS-Word and PDF formats, to enable full access to and control of the resources once they have been purchased. They should save many hours extensive effort.

The Disaster Recovery Toolkit comprises checklists and questionnaires to ensure a fully comprehensive review of both the disaster recovery plan and the supporting contingency practises and arrangments. This has been in particular demand since Sept 11th.

The e-Security Toolkit comprises security checklists and questionnaires covering network/LANs, firewalls, internet access, data access, virus management, etc. A very comprehensive and detailed audit tool. ** Recommended **

The ISO Security Manual covers roles, responsibilities, security administration, management... essentially many of the areas which are often overlooked or not given sufficient focus.

Compliance with legislation is of course essential. Auditing against this therefore highly recommended.

The Data Protection Act is the first legislation covered by a specific toolkit.

ISO 17799 Consultant is actually more than a checklist or plan. It is a sophisticated software product which measures compliance and identifies exceptions against ISO17799. The standard itself is also available for a manual approach.

Often security policy is audited against - assuming there is one! If not, the leading off-the-shelft player is RUsecure.

For strict risk based audit, via risk assessment, COBRA is the established front runner.

The Security Audit Shop is shortly to feature a series of small audit programs focusing upon specific technologies and areas. If you own a program or checklist which might be suitable, please contact us to discuss inclusion.

For more information on these security checklists and internal audit programs, please contact us



You can order ALL the plans and checklists from here


Security Audit and Internal Audit

The e-Security Toolkit is designed for the audit and security review of an e-commerce and network infrastructure

A directory of information security policies and related information is maintained by the Information Security Policies Group

The Security Audit Shop

Copyright 2005. C. All rights reserved. Contact: The Security Audit Management Group