Overheard: Word of the Day

Feb 6 2009   12:55PM GMT

Overheard – Avoiding common audit pitfalls

Margaret Rouse Margaret Rouse Profile: Margaret Rouse

“Make no mistake — auditors will find fault with your systems, your processes, and the people who operate them. They’re auditors. It’s their job.”

Kelly Jackson Higgins, Experts share tips on how to avoid the most common pitfalls in an audit

If you missed Kelly’s article when it first came out, take moment and read through it.  I bet you’ll learn something.

Key points I want to remember:

  • Two of their most common reasons for failing an audit are poor documentation and poor training programs.
  • It’s all about proving that data isn’t tampered with — from inside or out.

– Manage change in a consistent manner.
– Clearly define roles and permissions.
– Know who (and where) users are, what role they play and what permissions they have.
– Align physical security with IT security.
– Be ready to demonstrate how you monitor security.
– Be ready to demonstrate how you are able to detect and act on anomalies.
– Map security processes to business processes. A checklist isn’t enough.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: