Checklists
Step-by-step verification protocols for security, backups, and operations.
IT Ownership Control Checklist
Verify ownership of critical IT assets including domains, DNS, email, cloud accounts, and billing to prevent lock-out.
Privileged Accounts Inventory Checklist
Identify and catalog all accounts with administrative access to prevent shadow IT and unauthorized access.
MFA Rollout Checklist
Step-by-step guide to deploying Multi-Factor Authentication across your organization, including exception handling.
Offboarding Checklist (Employee + Vendor)
Ensure secure revocation of access when employees or vendors leave, preventing data leaks.
Who Can Reset Passwords? Control Checklist
Audit and restrict who has the power to reset credentials to minimize social engineering risks.
Patch Cadence Checklist
Establish a routine schedule for patching workstations, servers, and network gear.
Backup Hygiene Checklist
Verify your backup strategy adheres to the 3-2-1 rule and includes regular restore testing.
Endpoint Baseline Checklist
Standard security configuration for laptops and workstations (encryption, antivirus, firewall).
Email Security Checklist
Configure SPF, DKIM, and DMARC to prevent spoofing and improve deliverability.
Logging & Alerting Readiness Checklist
Ensure you are capturing the right logs to detect and investigate incidents.
Top 10 Failure Modes Readiness Checklist
Prepare for the most common IT failures (disk full, expired certs, etc.).
ISP Redundancy Checklist
Verify failover configurations for internet connectivity.
Power/UPS Checklist
Ensure power protection and orderly shutdown procedures are in place.
Restore Test Checklist
A protocol for quarterly validation of backup restorability.
Vendor Outage Response Checklist
Steps to take when a critical SaaS or infrastructure vendor goes down.
Change Control Minimum Bar Checklist
The bare minimum requirements for approving changes to production systems.
Admin Portal Release Readiness Checklist
Pre-flight checks before deploying updates to internal tools.
TLS/NGINX Hardening Checklist
Secure your web servers and encryption configurations.
Asset Inventory Checklist
Steps to build and maintain a comprehensive list of hardware and software assets.
Documentation Completeness Checklist
Assess the coverage and quality of your IT documentation.
Audit Evidence Gathering Checklist
Prepare for compliance audits by collecting necessary logs and configurations.
Policy Adoption Checklist
Ensure policies are actually read, understood, and signed by staff.
Data Retention & Deletion Checklist
Verify that data is being kept for required periods and securely deleted when expired.
Incident Tabletop Checklist
Preparation steps for running a successful incident response simulation.
Minimum Viable Security for SMB Checklist
Quick wins and essential controls for small businesses starting their security journey.