I have domain admin access to a new-to-me network which I have been tasked with auditing/assessing with the goal of identifying and prioritizing actions to bring the network up to an acceptable standard. I'm looking at a fairly high-level audit; something that can be completed within 4-8 hours.
It is a Windows network with Windows 2012, 2008 and 2003 servers serving Windows XP and W7 clients. There are roughly 120 users and associated PCs.
I'm looking for a guide/cheat-sheet/best practices to help me in performing a fair evaluation of the network. Below are some of the things I've identified already to give an idea of what I'm looking for.
- End of life systems (W2003 & XP)
- AD issue - 1/2 the users are members of the Domain Admins group
- AD issue - Password complexity and expiration disabled
- Server hardware with no service agreements
- MS Baseline Security Analyzer identified dozens of systems behind on Windows patching
- Spiceworks flagged several systems missing anti-virus
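A read-only PowerShell snapshot covering the AD-side findings listed above (Domain Admins membership, domain password policy, EOL operating systems, patch recency), added here as an example and not part of the original question. It assumes the RSAT ActiveDirectory module on the workstation it runs from, an account that can read AD, and WinRM on the servers (the 2003 boxes will probably just show as unreachable); the EOL pattern list is an assumption based on the versions named in the post.

```powershell
# Added example: quick AD audit snapshot. Everything here is read-only.
# Assumes the RSAT ActiveDirectory module and an account with read rights on AD.
Import-Module ActiveDirectory

# 1. Privileged group bloat: Domain Admins, recursively, so nested groups count too.
$domainAdmins = @(Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
    Where-Object { $_.objectClass -eq 'user' })
$enabledUsers = @(Get-ADUser -Filter { Enabled -eq $true })
"Domain Admins: $($domainAdmins.Count) of $($enabledUsers.Count) enabled users"
$domainAdmins | Select-Object SamAccountName, DistinguishedName | Format-Table -AutoSize

# 2. Default domain password policy: the complexity/expiry settings the post says are off.
#    MaxPasswordAge of 0 days means passwords never expire.
Get-ADDefaultDomainPasswordPolicy |
    Select-Object ComplexityEnabled, MinPasswordLength, MaxPasswordAge,
                  PasswordHistoryCount, LockoutThreshold | Format-List

# 3. End-of-life operating systems still joined and enabled (patterns are an assumption
#    taken from the versions named in the post; extend as needed).
Get-ADComputer -Filter { Enabled -eq $true } -Properties OperatingSystem, LastLogonDate |
    Where-Object { $_.OperatingSystem -like 'Windows XP*' -or
                   $_.OperatingSystem -like 'Windows Server 2003*' } |
    Select-Object Name, OperatingSystem, LastLogonDate |
    Sort-Object OperatingSystem, Name | Format-Table -AutoSize

# 4. Patch recency per server: date of the most recently installed hotfix, via WinRM.
#    Hosts without WinRM (typically the 2003 servers) are reported as unreachable.
$servers = Get-ADComputer -Filter { OperatingSystem -like '*Server*' -and Enabled -eq $true } `
    -Properties OperatingSystem
$servers | ForEach-Object {
    $computer = $_            # capture before entering try/catch, where $_ becomes the error
    try {
        $last = Invoke-Command -ComputerName $computer.Name -ErrorAction Stop -ScriptBlock {
            Get-HotFix | Where-Object { $_.InstalledOn } |
                Sort-Object InstalledOn -Descending | Select-Object -First 1
        }
        [pscustomobject]@{ Server = $computer.Name; OS = $computer.OperatingSystem
                           LastPatch = $last.InstalledOn; HotFix = $last.HotFixID }
    } catch {
        [pscustomobject]@{ Server = $computer.Name; OS = $computer.OperatingSystem
                           LastPatch = 'unreachable'; HotFix = $_.Exception.Message }
    }
} | Sort-Object LastPatch | Format-Table -AutoSize
```

The four tables map directly onto the first, second, third and fifth bullets above and give you the counts to prioritise with; MBSA and Spiceworks already cover the rest.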