Section 999.218 - Audit Report Format(a) The format of a security audit report shall include, but is not limited to, all of the following:(1) A summary of recommendations in a task-list format.(2) A description of the Computer Security Auditor's methodology.(3) A section for detailed technical observations and recommendations.(4) A diagram depicting results, where applicable.(5) Results of testing and reviews.(6) Recommendations for additional precautions needed to ensure that the system is secure.(7) A copy of the list of all users who have been approved for Secure Access to the ERDS.Cal. Code Regs. Tit. 11, § 999.218
1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsection (a)(7) filed 10-7-2019; operative 1-1-2020 (Register 2019, No. 41). Note: Authority cited: Sections 27393 and 27394(c)-(f), Government Code. Reference: Sections 27393(b)(2), 27393(b)(3), 27393(b)(6), 27393(c) and 27394(c)-(f), Government Code.
1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsection (a)(7) filed 10-7-2019; operative 1/1/2020 (Register 2019, No. 41).