Last updated by: Anonixiate, Last updated on: 01/05/2025
Document Creation: 17 April, 2025. Last Edited: 17 April, 2025. Authors: Shreyas Vivek, Kim Brvenik.
Effective Date: 17 April 2025. Expiry Date: 17 April 2026.
Weekly Audit Checklist
Multi-Factor Authentication
ML1-MF-08 — MFA logs are collected and reviewed for suspicious login attempts.
-
Audit Procedure:
Inspect SIEM logs and MFA monitoring dashboards. -
Evidence Required:
SIEM alerts, login pattern reports. -
Tools/Methods:
Splunk, Microsoft Sentinel
-
Responsible Team:
Cybersecurity GRC
-
Status:
[ ] Pass
[ ] Fail
[ ] N/A -
Notes:
Add notes here during audit.
Patch Applications
ML1-PA-06 — Confirm all known exploitable vulnerabilities older than 48 hours are patched or mitigated.
-
Audit Procedure:
Run patch verification and determine lag beyond allowed window. -
Evidence Required:
Remediation evidence, exception logs. -
Tools/Methods:
Qualys, Sysmon
-
Responsible Team:
DevSecOps
-
Status:
[ ] Pass
[ ] Fail
[ ] N/A -
Notes:
Add notes here during audit.
ML1-PA-07 — All internet-facing apps patched within 2 weeks of patch availability.
-
Audit Procedure:
Compare software patch date with original vendor release. -
Evidence Required:
System patch logs, vendor release notes. -
Tools/Methods:
Patch management dashboard
-
Responsible Team:
DevSecOps
-
Status:
[ ] Pass
[ ] Fail
[ ] N/A -
Notes:
Add notes here during audit.