1.0 Executive Summary
2.0 Introduction
2.1 Background 2.2 Audit Purpose 2.3 Audit Scope 2.4 Audit Approach / Methodology 2.5 The Government Security Model
3.0 Audit Results
3.1 Guide to the Audit of Security - Audit Objectives 3.2 Audit Guide on Information Technology Standard - Audit Objectives
4.0 Recommendations
4.1 Departmental Policies and Procedures 4.2 Security Awareness and Training Program 4.3 Records Management - Multiple Volume Dockets 4.4 Records Management - Downgrading or Declassification of Information 4.5 Preparation of Threat Risk Assessments 4.6 Investigation of Security Breaches and Violations 4.7 Physical Security Requirements 4.8 Retrieving Corporate Assets from Discharged Employees 4.9 Business Resumption Plan 4.10 System Development Methodology
Annex A