Solved

IT audit vs IT security audit

Posted on 2011-09-26
1
359 Views
Last Modified: 2012-05-12
What do generalist IT auditors typically review as opposed to what IT security auditors review. Can you give some examples?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 17

Accepted Solution

by:
OriNetworks earned 500 total points
ID: 36599013
IT Auditors generally seek out to find that the it operations are operating in a proper and ethical manner. (e.g. procedures are lined out for compliance and that they are being followed. Verify processes are put in place to actively maintain systems, verify licenses are being tracked.) See http://www.isaca.org/Knowledge-Center/Standards/IT-Audit-and-Assurance/Pages/ObjectivesScopeandAuthorityofITAudit.aspx

IT Security Audits can generally focus on the security aspect and it usually more along the lines of vulnerability to the operations of IT systems. Making sure methods are in place to actively defend infrastructure. (e.g. if software patches are up-to-date or the method in monitoring this practice is relaibale and being followed.)
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CCNP Exam question 6 39
How do I enable VPN on server 2008 R2 19 63
wifi security 11 46
Patch KB4012598 (wannacry) won't install on 2k8 3 163
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question