| Project Name | Date | ||
|---|---|---|---|
| Checked By | Reviewed By |
| # | Control to be Tested | Test Steps / Method | Status (Pass/Fail) | Notes |
|---|---|---|---|---|
| 1 | User authentication enforced | |||
| 2 | Password policy applied | |||
| 3 | Role-based access control implemented | |||
| 4 | Access to sensitive data is restricted | |||
| 5 | User session management (timeout, logout, etc.) | |||
| 6 | Audit logs for access events | |||
| 7 | Access review and revocation process in place | |||
| 8 | Unauthorized access attempts monitored | |||
| 9 | Least privilege principle enforced | |||
| 10 | 3rd party access controls evaluated |