Appendix E. Audit Program for Auditing Windows XP/2000 Environments

Questions

Yes

No

N/A

Comments

Layout and Connectivity of the Network

    

In order to form a proper audit opinion on the standard of network management, it is essential to document the types and location of all network components.

  • Locate all the PCs, peripherals, and other network components in use by the network, and establish:

    • The completeness and accuracy of the hardware inventory

    • The completeness and accuracy of the software inventory

    • The physical location of each PC, printer, cable box, bridge, or router

    • For each machine in the network, establish and document its purpose in the network, identifying:

      • Servers

      • Primary domain controllers

      • Backup domain controllers

      • Workstations

  • Determine which servers and workstations are used for:

    • Development and testing

    • End-user production purposes

    • Both

    

Examine the network topology and cabling plan.

  • Is one available?

  • Is it up-to-date?

  • Does it clearly identify:

    • Cabling routes

    • Types of cable in use (twisted pair, ethernet, token ring, etc.)

    

Determine the nature of the network protocols used in the network, for example:

  • NetBEUI

  • TCP/IP

  • IPX

  • Other

  • Are cabling runs, terminators, cable jointing boxes and other points of access to the network secure against:

    • Interference?

    • Accidental or malicious damage?

    • Are the network components examined regularly to detect signs of gradual deterioration, wear and tear, etc.?

    

System Administration:

    

Because of the design of the Windows security and management system, a ...

Get Auditor’s Guide to Information Systems Auditing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial