Security Audit

Kick-Off

Define scope

Define functional categories

Define level of detail of audit

Prepare audit execution plan

Audit

Perform checks for each functional (sub)category according to the NIST Framework

Review documentation

Conduct interviews with key stakeholders

Reporting

Report on each functional (sub)category

Define Target Profile

List corrective actions addressing key flaws and risks (roadmap)

Presentation & Follow-Up

Present audit report to stakeholders

Explain corrective actions to increase maturity towards next audit

Deliverables

Audit Report (description & scoring on each category)

Target Profile (optional)

Security Roadmap for increasing maturity (optional)
