Corrective Action Plan And It Security Audit Quarterly Summary Template
ADVERTISEMENT
1Corrective Action Plan and IT Security Audit Quarterly Summary Template
_________
Date
PURPOSE: This Plan describes IT Security Audit findings; documents responsibility for addressing the findings; and describes
progress towards addressing the findings. Provide enough information to enable the reader to understand the nature of the
finding, the impacts, and the planned remedy.
_____________________________
IT System(s)_________________________
Audit Name:
1
3
Audit
Short Title
Summary
Agency
Planned Corrective Action
Responsible
Status
Due Date
Exception on
4
Finding
Concurs
or
Person(s)
File
2
No.
Mitigating Controls
_____________________________
IT System(s)_________________________
Audit Name:
Audit
Short Title
Summary
Agency
Planned Corrective Action
Responsible
Status
Due Date
Exception on
Finding
Concurs
or
Person(s)
File
No.
Mitigating Controls
1
Agency Concurs: Concur or Does Not Concur
2
If the Agency does not concur, the Mitigating Controls and Risk Acceptance must be stated in Planned Corrective Action.
3
Status: NS = Not Started; U = Underway; C = Completed
4
Exception on file for findings not compliant with COV Information Security Standard (SEC501): Y = Yes; N = No
NOTE: CAPs must be submitted within 30 days of issuing the final audit report completion. All CAPs should be combined into
one cumulative summary agency CAP and submitted to Commonwealth Security quarterly within 30 days of quarter’s end date
to be counted.
1
ADVERTISEMENT
0 votes
Related Articles
Related forms
Related Categories
Parent category: Business