Word of the Day: Tech Definitions from WhatIs.com

Feb 6 2009   12:55PM GMT

Overheard – Avoiding common audit pitfalls

Margaret Rouse Margaret Rouse Profile: Margaret Rouse

“Make no mistake — auditors will find fault with your systems, your processes, and the people who operate them. They’re auditors. It’s their job.”

Kelly Jackson Higgins, Experts share tips on how to avoid the most common pitfalls in an audit

If you missed Kelly’s article when it first came out, take moment and read through it.  I bet you’ll learn something.

Key points I want to remember:

  • Two of their most common reasons for failing an audit are poor documentation and poor training programs.
  • It’s all about proving that data isn’t tampered with — from inside or out.

– Manage change in a consistent manner.
– Clearly define roles and permissions.
– Know who (and where) users are, what role they play and what permissions they have.
– Align physical security with IT security.
– Be ready to demonstrate how you monitor security.
– Be ready to demonstrate how you are able to detect and act on anomalies.
– Map security processes to business processes. A checklist isn’t enough.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: