Skip to main content

Evidence Binder Index

Last updated: {{insert date}}

The following logs are maintained as part of Kunjani’s Information Security Management System (ISMS).
Detailed entries are restricted to internal staff and auditors under NDA.

1. Risk Management

  • Risk Register
    Tracks all identified information security and privacy risks, their likelihood, impact, mitigation plans, and review dates.

  • Exceptions Register
    Records risks that have been consciously accepted by management, with justification and review dates.

2. Operational Security

  • Log Review Log
    Records weekly/monthly log reviews and alert triage, including findings, actions, and escalation.

  • Backup Test Log
    Records annual backup and recovery tests, including RPO/RTO results and corrective actions.

3. Data Protection

  • Data Disposal Log
    Records disposal of customer or company data in line with the Data Retention & Disposal Policy.

  • Data Subject Request (DSR) Log
    Tracks GDPR/POPIA requests (access, correction, deletion, restriction, portability, objection), response deadlines, and outcomes.

4. Additional Evidence (as applicable)

  • Incident Reports (linked from Incident Response Playbook)
  • Training & Awareness Records (linked from Training & Awareness book)
  • Audit Findings & Corrective Actions

Review Cycle

This Evidence Binder Index is reviewed annually as part of the ISMS Management Review.

Back to top