O'Reilly logo

IT Security Risk Control Management: An Audit Preparation Plan by Raymond Pompon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

© Raymond Pompon 2016

Raymond Pompon, IT Security Risk Control Management, 10.1007/978-1-4842-2140-2_22

22. Internal Audit

Raymond Pompon

(1)Seattle, Washington, USA

A corollary to assume breach is to assume control failure. In the words of many a CIO, if you don’t check it then it wasn’t done. Anyone who has managed operations or service vendors knows that some IT workers have a different definition of done than you. Given time and exposure to the real world, things drift from their modeled description. Policies don’t match what people are doing. Project status updates are inflated. Network diagrams aren’t current or complete. Log data isn’t captured or if it is, the data slumbers unanalyzed somewhere. People leave the organization but their accounts ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required