Auditing IT Infrastructures for Compliance, 3rd Edition
by Robert Johnson, Marty Weiss, Michael G. Solomon
Summary of Findings
An audit finding is a documented conclusion of a control or process. It involves noncompliance to policies and industry norms. The objective of the audit determines how findings need to be documented. As findings are discovered, further investigation might be required to satisfy the objectives, which will be summarized in the final report. The following four elements constitute a finding:
Criteria—This identifies the expected or desired state. This provides the context for evaluating the evidence collected by the auditor and the subsequent procedures the auditor performs. The criteria might be based, for example, on regulations, policies, standards, and external frameworks.
Condition—This identifies the situation within ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access