Technical Controls Checklist
- [ ] Encryption ON (in transit)
- [ ] Encryption ON (at rest)
- [ ] Access control (least privilege)
- [ ] Audit logs enabled
- [ ] Logs retained 6 months
- [ ] Secrets stored securely (no plaintext)
- [ ] Data minimization (collect only what you need)
- [ ] Backups configured
- [ ] Incident response path documented