The following is the domain checklist:
- Has the security within the user organization been arranged (see checklist for security)?
- Is an efficient production scheme set up with a balanced regulation of priorities between the applications and with the supporting functions, such as the back-up procedure?
- Is access to the computer center restricted to the people who belong there?
- Is the computer center housed in a building that is optimally proof against stroke of lightning, fire, electricity failure, and water damage?
- Will the input be checked?
- Are passwords being used?
- Will attempts for access be checked?
- Has the choice for subsystems been argued?
- Have all integrity needs been addressed?
- Is the solution capable of functioning correctly--or at the very minimum not failing catastrophically--under many conditions?
- Describe tools or instrumentation that are available that monitor the health and performance of the system.
- Describe what form of audit logs are in place to capture system history, particularly after a mishap.
- Describe the capabilities of the system to dispatch its own error messages to service personnel.