Network Infrastructure Audit Work Program
Subscriber Content
Best Practices for Conducting an IT Network Infrastructure Audit
This document contains three sample work programs that can be used by organizations for conducting an IT network infrastructure audit.
Sample steps in these programs include creating written security policies that address individuals permitted to access the network device(s), individuals permitted to configure and update the network device(s), and logging and management practices; detecting any unauthorized or unapproved changes applied to network devices; and ensuring that patch levels on network devices and supporting operating systems are current and/or do not have serious security vulnerabilities associated with them.