ISO 27001 audit in real time...
1) opening meeting
Introductions
Blah blah blah
Auditor with domain experience
Key person unavailable (not a problem - business continuity)
Changes since COVID-19?
Emergency test of home-working for all staff: no major issues
Acquired another company
SharePoint migration
Integration of previous acquisition
3) access control
Access control policy
New starters process (again)
New starter form -> ticketed
Another worksheet
Includes apps and networks

Review ticket
How are credentials communicated?
Password policy
Enforced via GPO
Can we look at GPO?
Outsourced to MSP
Let’s review local policy
Local policy doesn’t match GPO

Attempt to change password against policy fails

Regular review of access rights
Process for non-AD accounts
Not IT responsibility -> application owner/admin
Control of domain admins
Logging and MFA
Review of domain admins
Generic MSP account being replaced with named individuals
Leavers form
Compare with AD
Disabled
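Added example (not from these notes and not the audited organisation's own tooling): the three access-control evidence checks above, "local policy doesn't match GPO", "leavers compared with AD", and "review of domain admins", as a PowerShell script a reviewer could run on a domain-joined machine. It assumes the ActiveDirectory RSAT module is installed, the session runs as a domain user with read access, and the leavers list, group name and the "no given name" heuristic are placeholders, not the real form or policy.

```powershell
# Added example: evidence checks for the access-control items in the audit notes.
# Assumptions: ActiveDirectory module available; domain read access; the leavers
# list and the "Domain Admins" group name are stand-ins for the real ones.
Import-Module ActiveDirectory

$findings = @()

# --- 1. Password policy: local machine policy vs the domain GPO --------------
# Domain-wide settings as applied by the Default Domain Policy GPO.
$domainPolicy = Get-ADDefaultDomainPasswordPolicy

# Local policy as "net accounts" (no /domain switch) reports it on this machine.
# Returns the trailing number on the matching line; "Never"/"Unlimited" map to 0,
# which is how AD also represents "no lockout" / "no expiry".
function Get-NetAccountsValue {
    param([string[]]$Lines, [string]$Label)
    $line = $Lines | Where-Object { $_ -like "$Label*" } | Select-Object -First 1
    if (-not $line) { return $null }
    if ($line -match 'Never|Unlimited') { return 0 }
    if ($line -match '(\d+)\s*$') { return [int]$Matches[1] }
    return $null
}
$netOut         = net accounts
$localMinLength = Get-NetAccountsValue $netOut 'Minimum password length'
$localLockout   = Get-NetAccountsValue $netOut 'Lockout threshold'

if ($localMinLength -ne $domainPolicy.MinPasswordLength) {
    $findings += "Local minimum password length ($localMinLength) differs from domain GPO " +
                 "($($domainPolicy.MinPasswordLength)); domain accounts follow the GPO, so " +
                 "confirm enforcement by testing a non-compliant change on a domain account."
}
if ($localLockout -ne $domainPolicy.LockoutThreshold) {
    $findings += "Local lockout threshold ($localLockout) differs from domain GPO " +
                 "($($domainPolicy.LockoutThreshold))."
}

# --- 2. Leavers: every account on the leavers form should be disabled in AD --
# Constructed sample of the leavers form; replace with Import-Csv of the real export.
$leavers = @(
    [pscustomobject]@{ SamAccountName = 'jdoe';   LeaveDate = '2020-05-29' }
    [pscustomobject]@{ SamAccountName = 'asmith'; LeaveDate = '2020-06-12' }
)
foreach ($l in $leavers) {
    # -Filter rather than -Identity so a missing account is a finding, not an error.
    $u = Get-ADUser -Filter "SamAccountName -eq '$($l.SamAccountName)'" -Properties Enabled, LastLogonDate
    if (-not $u) {
        $findings += "Leaver $($l.SamAccountName): no AD account found (deleted, or the form uses a different ID)."
        continue
    }
    if ($u.Enabled) {
        $findings += "Leaver $($l.SamAccountName) left $($l.LeaveDate) but the account is still ENABLED " +
                     "(last logon $($u.LastLogonDate))."
    }
}

# --- 3. Domain admins: list members so shared or vendor accounts stand out --
$admins = Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
    Where-Object { $_.objectClass -eq 'user' } |
    Get-ADUser -Properties Enabled, LastLogonDate, Description
foreach ($a in $admins) {
    # Placeholder heuristic: an admin with no given name is often a shared account.
    if (-not $a.GivenName) {
        $findings += "Domain Admin '$($a.SamAccountName)' has no person name set; confirm it is a " +
                     "named individual rather than a generic MSP account."
    }
}
$admins | Select-Object SamAccountName, Enabled, LastLogonDate, Description | Format-Table -AutoSize

# --- Report ---------------------------------------------------------------------
if ($findings) { $findings | ForEach-Object { "FINDING: $_" } } else { "No findings." }
```

The local-vs-GPO comparison is deliberately reported as a finding to verify rather than a failure: on a domain member the GPO governs domain accounts regardless of what the local SAM policy says, which is why the notes record the practical test (a non-compliant password change being rejected) as the evidence that mattered.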

Break for lunch
