close

What Is Truth to Power?

[+/-] A research and advisory resource...
dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.
[+/-] An open forum and community...
built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.
[+/-] A plexus nexus...
a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.
[+/-] A rebellion...
against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.
Top Panel
WHAT IS T2P?
Top Panel
IT Audit Checklist: Information Security

The IT Audit Checklist for Information Security includes:

  • More than 225 specific checklist items to help you assess internal audit readiness
  • Controls derived from prominent standards/frameworks including ITIL, CobiT, and NIST
  • Pointers on audit planning, preparation, testing, and reporting
  • Clarification on what auditors want (and don't want) to see

What Is This Paper About?

This paper supports an internal audit of the organization’s information security program with guidance on improving information security practices and processes, as well as information on assessing the robustness of your organizational security efforts. The paper is intended to help IT, compliance, audit, and business managers prepare for an audit of information security controls and management and, ultimately, to ensure that both the audit experience and results are as productive as possible.

Author

Dan Swanson, CMA, CIA, CISA, CISSP, CAP, is a 26-year internal audit veteran and former director of professional practices at the Institute of Internal Auditors. Swanson has completed internal audit projects for more than 30 different organizations, spending almost 10 years in government auditing, at the federal, provincial, and municipal levels, and the rest in the private sector, mainly in the financial services, transportation, and health sectors.

He has completed more than 50 IT conversion audits and a dozen comprehensive audits of the information technology function. The author of more than 150 articles on internal auditing and other management practices, Swanson is currently a freelance writer and health information security officer during the day. He can be reached via email at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Series Editor: Cass Brewer

it audit checklist download link
downloadkey-mo

library

{jsmallfib}

Comments
RSS
Only registered users can write comments!

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."