Appendix A

External Audit Checklists

The information in this appendix is meant to be a guide. Each audit has a different set of criteria that must be met to be passed, and each auditing company and each individual auditor has a different interpretation of the specification that defines each audit. The information provided here should be used as a guideline to give you the best possible chance of passing the audit on the first try.

Note

Make no assumptions…

When working with an auditor, always answer the question being asked, and only the question being asked. The auditor will hopefully be answering specific questions, which should require specific answers. If an auditor asks a question that is very broad, there is nothing wrong with asking for ...

Get Securing SQL Server, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.