Security audit management

security audit management
Managing a security audit (such as PCI or CICA 5970/SAS 70) can be a major distraction and is often stressful, with each audit cycle bringing up new challenges.

Prepare, comply and pass the test

Adequate preparation for a successful security audit commonly begins with a document review and update cycle, to ensure that all requirements are captured, in order to demonstrate that “you say what you do”. The next step is to measure how well “you do what you say”, by assessing adherence to the documented ruleset through observed behaviour and system state, generally followed up by an alignment process. With sufficient preparation, the third and final phase – the external audit – should hold few surprises in terms of findings requiring remediation efforts.

Manage your security audit

An independent internal auditor can help an organization meet audit objectives, by managing the entire process and tracking progress, minimizing impact on team members.

EthiSecure provides consulting services in the field of computer, network and information security in the West Island, Metropolitan Montreal, and points beyond. We manage security audits. Let us help you with your data privacy and cyber security needs.