QUESTIONNAIRE FOR IT INFRASTRUCTURE ASSESSMENT
Security
1. Have you implemented Standard Operating Procedures and policies?
Yes No
2. Have you implemented Active Directory management?
Yes No
3. Have you implemented Remote Logins / User management?
Yes No
4. Have you set User Privileges?
Yes No
5. Are the servers located in the same domain and/or on the same switch?
Yes No
6. Are you running SAS, SATA, Fiber, or SCSI on your database server/s?
Yes No
7. What is the RAID configuration on your database servers?
..................................................................................................
8. How many CPUs on the database servers?
...................................................................................................
9. How much RAM is on your database server/s?
.....................................................................................................
10. How old are your database server/s?
................................................................................................................
11. Have you drawn the LAN cabling structure?
Yes No
12. Have you implemented VLAN?
Yes No
13. Do we have a port management system?
Yes No
14. Have we implemented a VPN?
Yes No
15. Which protocol is used for the VPN connection?
................................................................................................................
16. Have we implemented a firewall policy?
Yes No
17. What is the status of your network?
................................................................................................................
18. What are your network connection speeds?
................................................................................................................
19. Do you have fiber or Ethernet?
Yes No Specify: 10/100/1000?
20. Is the fibre/Ethernet mapped to a digital file?
Yes No
21. Specify the implemented Firewall devices?
Yes No
22. Does your Firewall have VPN capability?
Yes No
23. Does your Firewall have DMZ capability?
Yes No
24. Does your Firewall have site-to-site capability?
Yes No
25. Is your Firewall Stateful?
Yes No
26. Is it possible to do IPSEC or PPTP?
Yes No
27. What is your incoming bandwidth?
................................................................................................................
28. What is your outgoing bandwidth?
................................................................................................................
29. Has your bandwidth spiked to 80% or more in the past 3 months?
Yes No
30. Are your switches gigabit or higher?
Gigabit Higher
31. Do you have an Active Directory and domain?
Yes No
32. How many domains are used in your network?
................................................................................................................
33. Will the servers use different domains than the users?
Yes No
34. Do you have ADFS or an Identity Store like BigIP?
Yes No
35. Do you have a server room?
Yes No
36. Is your server on railed racks?
Yes No
37. Do you have VOIP phones configured for both data and voice connections to laptops/workstations?
Yes No
38. Have you set up DC & DR?
Yes No
39. Mention the software being used for DB server.
................................................................................................................
40. Do you have HA for the firewall (redundancy)?
Yes No
41. Have you implemented an intrusion detection system?
Yes No
42. Have you implemented an intrusion prevention system?
Yes No
Data Management
1. Have you configured automatic software / user backup?
Yes No
2. Is a backup copy sent to another remote location?
Yes No
3. What measures have we taken to prevent data loss?
................................................................................................................
Performance
1. Have we enabled audit logging for restricted data?
Yes No
2. Have we enabled administrator and operator logs?
Yes No
3. Have we enabled network protection?
Yes No
4. Do we have wireless network protection?
Yes No
5. Protection of System
6. Do we conduct an annual PC health check?
Yes No
Backup
1. Do we transport backup tapes to another location and store them there?
Yes No
2. Do we conduct periodic verification of backups?
Yes No
3. Do we have a disaster recovery system?
Yes No
4. Do you have Tape, HDD, or offsite backup equipment?
Yes No
5. If tapes, what type of tapes?
................................................................................................................
6. If HDD, specify its storage and HDD capacity.
................................................................................................................
7. What type of devices do you have?
................................................................................................................
8. Specify the backup routine that you follow.
................................................................................................................
9. What is the longevity of the backup?
................................................................................................................
10. Is there a reuse policy?
Yes No
11. When are the full backups taken?
................................................................................................................
12. When are the incremental backups taken?
................................................................................................................
13. Is there a secondary failsafe system offsite?
Yes No
14. Specify what you back up:
OS or the entire client PC
Laptop or mobile device
Snapshot backup
15. When does the backup occur?
................................................................................................................
16. Specify where the backups get stored.
................................................................................................................
17. Which email server is used for the mailing solution?
................................................................................................................
18. Specify if any backup server is used.
................................................................................................................
19. Have you implemented any archiving solutions for backup?
Yes No
20. Have you implemented an email policy?
Yes No
Administration
1. Do we have an internal steering committee for IT department review?
Yes No
2. How do you maintain password management (whether sensitive user IDs (e.g. root, RDBMS, DBA, etc.) and passwords are maintained as per HO guidelines and the prescribed procedures are being complied with)?
................................................................................................................
3. Are passwords kept in dual custody in a sealed cover?
Yes No
4. Do we update changed passwords, document them again, and save them in a sealed cover?
Yes No
5. Do we have a business continuity plan?
Yes No
6. Do we have server and firewall warranties?
Yes No
7. Have you implemented an asset management system?
Yes No
8. Have you implemented an IT ticketing system?
Yes No
9. Have you implemented a network monitoring tool?
Yes No