Chapter 3. The Information Systems Audit Program
Solutions in this chapter:
▪ Audit Checklists
▪ Testing your Organization's Security
▪ Developing an Audit Manual
▪ Security Management Model
Summary
Introduction
The more you know about your organization, the better prepared you'll be for conducting an information systems audit.
Audit Checklists
One of the best sources of material that can be used to create an audit checklist from industry standards is an organization such as the Center for Internet Security (www.cisecurity.org), which maintain consensus documents that may be used to create your checklist. The standards provide a list of controls that may be listed in your checklist for you to verify. The purpose of the checklist is to gain metrics associated ...
Get The IT Regulatory and Standards Compliance Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.