The following is the domain checklist:

• Has the security within the user organization been arranged (see checklist for security)?
• Is an efficient production scheme set up with a balanced regulation of priorities between the applications and with the supporting functions, such as the back-up procedure?
• Is access to the computer center restricted to the people who belong there?
• Is the computer center housed in a building that is optimally proof against stroke of lightning, fire, electricity failure, and water damage?
• Will the input be checked?
• Are passwords being used?
• Will attempts for access be checked?
• Has the choice for subsystems been argued?
• Have all integrity needs been addressed?
• Is the solution capable of functioning correctly--or at the very minimum not failing catastrophically--under many conditions?
• Describe tools or instrumentation that are available that monitor the health and performance of the system.
• Describe what form of audit logs are in place to capture system history, particularly after a mishap.
• Describe the capabilities of the system to dispatch its own error messages to service personnel.