AI Checklist Generator
From the makers of
Manifestly Checklists
Security Architecture review
Governance and Compliance
Ensure alignment with regulatory requirements (e.g., GDPR, HIPAA)
Review security policies and procedures
Verify roles and responsibilities for security governance
Assess compliance with industry standards (e.g., ISO 27001, NIST)
Risk Assessment
Identify and categorize assets
Conduct a threat modeling exercise
Evaluate existing vulnerabilities
Assess impact and likelihood of potential risks
Network Security
Review network segmentation and isolation
Evaluate firewall configurations and rules
Assess intrusion detection and prevention systems
Verify secure communication protocols (e.g., VPN, TLS)
Identity and Access Management
Review user account provisioning and de-provisioning processes
Assess multi-factor authentication implementation
Verify role-based access controls (RBAC)
Evaluate access logs and monitoring practices
Application Security
Conduct a review of secure coding practices
Assess application security testing methods (e.g., SAST, DAST)
Verify vulnerability management processes for applications
Review third-party software and dependency security
Data Protection
Assess data classification and handling procedures
Review encryption standards for data at rest and in transit
Verify backup and disaster recovery plans
Evaluate data loss prevention measures
Incident Response
Review incident response plan and procedures
Assess incident detection and monitoring capabilities
Verify training and awareness programs for staff
Conduct a tabletop exercise to test incident response readiness
Physical Security
Assess physical access controls to facilities
Review visitor access policies and procedures
Evaluate environmental controls (e.g., fire, water damage)
Verify surveillance and monitoring systems
Continuous Improvement
Establish metrics for security architecture effectiveness
Review findings from previous audits and assessments
Implement a process for regular architecture reviews
Encourage feedback from stakeholders for ongoing enhancements