Audit Evidence Templates

Part of the IDENTIFY Playbook ← Return to Hub

Audit Evidence Templates

The Surveyor’s View: During a Cyber Secure (Tier 1 or 2) audit, the inspector won’t just look at the hardware; they will look for the Paper Trail. These templates ensure your evidence meets IACS UR E26 standards.

1. The Evidence Checklist

Evidence for the Identify phase must prove that you have analyzed the vessel’s cyber-topology. Ensure the following documents are ready for review:

CBS Register

A formal list of Computer Based Systems including owner, location, and criticality category (I, II, or III).

Requirement: UR E26 §5.1.1

Network Diagram

Logical diagrams showing Zones, Conduits, and air-gaps. Must be signed and dated by the CCSO.

Requirement: UR E26 §4.2

2. Critical Data Requirements

Artifact Name	Key Requirement	Compliance Ref
Software Version List	Include PLC firmware, HMI OS, and specific Patch levels.	IEC 62443-2-4
Data Flow Matrix	Define Source, Destination, Port, and Protocol (e.g., Modbus 502).	UR E26 §3.2
Change Log	Chronological history of all technical interventions since last audit.	UR E26 §5.3.1

Evidence Generation Tools

Quickly generate compliant documentation using the templates built into the TAGSIA Playbook system.

Create Change Request (MoC) Exclusion Assessment Template

PREVIOUS:
CSDD & Exclusion Assessment

Next Section

Identify Phase: Summary & Audit Readiness

Identify Phase: Summary & Audit Readiness 🔍 Phase Objective The Identify Phase is about Visibility. You cannot protec...

Identify Phase: Summary & Audit Readiness →