Professional Documents
Culture Documents
Overview
What is Internal Audit IT Audit Process Common IT Audit Observations So What Should We Do Questions
Audit Process
Planning
Annual Risk Assessment Preliminary Audit Plan Board of Visitors Approval Notification and Request for Information Understand Your Risks and Controls Opening Conference
Testing
Security Testing
Remote Vulnerability Scans
Servers
Printers
Routers
Security Testing
Workstations
Laptops
Servers
Critical Data
Reporting
Observations
Recommendations
Reporting
Reporting
To Implement Solutions
Reporting
A Final Report is Sent to The Board of Visitors
Follow-Up
Follow-Up Actions are Based on Your Management Action Plan Progress is Monitored Some Re-Testing May be Necessary Board of Visitors is Updated Audit is closed
Harden Security Settings Keep Everything Patched Install and Use Anti-Malware Tools Enforce Strong Passwords Close or Filter Communication Ports Test Your Systems Support Your System Administrator!
Questions
Success Redefined