How to handle the IT Auditor - A simple checklists

How to handle the IT Auditor - A simple checklists

1. Help the auditor gather information.

2. Do not expect to see the audit report.

3. If asked for a response, provide it promptly.

4. Work with internal audit to identify key risks for the organization.

5. If an external audit is expected, talk with system administrators to learn how they are implementing security policies and procedures.

6. Conduct a mock audit before a real one to identify potential findings.

7. When writing a response, identify projects that can manage risk identified in the audit findings.

8. If you disagree with a finding, make sure to clearly state your objections and your measurement of the risk.