Handling audits checklists and key points


• Look at auditors as part of the risk management team of the organization.
• Help the auditor gather information.
• Do not expect to see the audit report.
• If asked for a response, provide it promptly.
• Work with internal audit to identify key risks for the organization.
• If an external audit is expected, talk with system administrators to learn how they are implementing security policies and procedures.
• Conduct a mock audit before a real one to identify potential findings.
• When writing a response, identify projects that can manage risk identified in the audit findings.
• If you disagree with a finding, make sure to clearly state your objections and your
measurement of the risk.


Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Google
  • Yahoo
  • Technorati

Trackback URL for this post:

http://www.desktopauditing.com/trackback/121

User login

Who's new

  • toolwerx
  • Papabaz
  • onendoclame
  • RakvallWeet
  • invijah

Who's online

There are currently 0 users and 2 guests online.