Internal Controls

Internal Controls explain the activities we perform at our organisation to deal with Risks and Compliance Requirements. We document what they do, how we test them and what Policies, Standards and Procedures govern them.

60

0%
Current Internal Controls

0

0%
New Internal Controls

0

0%
Updated Internal Controls
Actions
Title
Objective
Audit Methodology
Audit Success Criteria
Maintenance Task
Policies
Incident Management Process Review
Ensure the incident management process for breaches is known to all affected parties and is handled correctly
Evidence:
- List of incidents from the Incident Module
- Incident Policy and Contact List

Analysis:
- Ensure incidents have all been completed and none left without properly having completed the stage
- Ensure the contact list has been updated with the right records and updated contacts
- Ensure that incidents included disciplinary processes when applicable

Output:
- PDF of the contact list
- List of incidents reviewed
All sampled incidents have followed and completed all stages.
Contact list has updated contact information.
Incidents lead to disciplinary actions and these have been properly recorded
NA
Vulnerability and Incident Management GRC Contact List