IT Governance, Risk, and Compliance

Oct 25 2011   7:58PM GMT

Auditing Information Assets Protection – Part II

Robert Davis Robert Davis Profile: Robert Davis

Retrospectively, information security audits are a routine matter for internal auditors, but sometimes a controversial issue among external auditors. The controversy centers on the extent that IT security controls are accounting controls rather than administrative controls. Though most external auditors accept access controls as accounting controls, there is opinion division when considering other IT security controls. For instance, regarding other IT security controls, off-premise file storage, environmental protection mechanisms, and data processing insurance are treated as administrative controls by the external auditors promoting their position for these auditable units.

View Part I of the Auditing Information Assets Protection series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: