IT Hardware Supplier Security Audit Checklist
1. Supplier Background
| Checklist Item | Yes | No | Comments |
| --- | --- | --- | --- |
| Supplier provides company registration and ownership details | | | |
| Supplier has a documented security policy | | | |
| Supplier is not on any sanctions or watchlists | | | |
2. Physical & Logistics Security
| Checklist Item | Yes | No | Comments |
| --- | --- | --- | --- |
| Secure storage facilities for hardware | | | |
| Documented chain of custody for hardware delivery | | | |
| Anti-tamper packaging used for shipments | | | |
3. Product Integrity
| Checklist Item | Yes | No | Comments |
| --- | --- | --- | --- |
| Authenticity of hardware is verifiable | | | |
| Supplier provides bill of materials and firmware/software sources | | | |
| Process in place for reporting hardware vulnerabilities | | | |
4. Compliance & Certifications
| Checklist Item | Yes | No | Comments |
| --- | --- | --- | --- |
| Supplier holds relevant certifications (e.g., ISO 27001) | | | |
| Complies with applicable legal/regulatory requirements | | | |
| Undergoes regular third-party audits | | | |
5. Incident Management
| Checklist Item | Yes | No | Comments |
| --- | --- | --- | --- |
| Supplier has an incident response procedure | | | |
| Channels for reporting and tracking incidents | | | |
| Notifies clients of incidents in a timely manner | | | |
Additional Notes